prosody
9e2485880cd6
plugins/mod_auth_internal_hashed.lua
Software / code / prosody
Comparison
plugins/mod_auth_internal_hashed.lua @ 3389:9e2485880cd6
mod_auth_internal_hashed: Fixed SCRAM-SHA-1 mechanism to not traceback on non-existent users.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sat, 17 Jul 2010 19:34:06 +0500 |
| parent | 3335:f13306ce3417 |
| child | 3395:e736f68c1047 |
comparison
equal
deleted
inserted
replaced
| 3386:526b86cfbb17 | 3389:9e2485880cd6 |
|---|---|
| 142 return "", nil; | 142 return "", nil; |
| 143 end | 143 end |
| 144 return usermanager.test_password(prepped_username, password, realm), true; | 144 return usermanager.test_password(prepped_username, password, realm), true; |
| 145 end, | 145 end, |
| 146 scram_sha_1 = function(username, realm) | 146 scram_sha_1 = function(username, realm) |
| 147 local credentials = datamanager.load(username, host, "accounts") or {}; | 147 local credentials = datamanager.load(username, host, "accounts"); |
| 148 if not credentials then return; end | |
| 148 if credentials.password then | 149 if credentials.password then |
| 149 usermanager.set_password(username, credentials.password, host); | 150 usermanager.set_password(username, credentials.password, host); |
| 150 credentials = datamanager.load(username, host, "accounts") or {}; | 151 credentials = datamanager.load(username, host, "accounts"); |
| 152 if not credentials then return; end | |
| 151 end | 153 end |
| 152 | 154 |
| 153 -- convert hexpass to stored_key and server_key | 155 -- convert hexpass to stored_key and server_key |
| 154 -- COMPAT w/old trunk: remove before 0.8 release | 156 -- COMPAT w/old trunk: remove before 0.8 release |
| 155 if credentials.hashpass then | 157 if credentials.hashpass then |
| 157 credentials.stored_key = sha1(hmac_sha1(salted_password, "Client Key"), true); | 159 credentials.stored_key = sha1(hmac_sha1(salted_password, "Client Key"), true); |
| 158 credentials.server_key = to_hex(hmac_sha1(salted_password, "Server Key")); | 160 credentials.server_key = to_hex(hmac_sha1(salted_password, "Server Key")); |
| 159 credentials.hashpass = nil | 161 credentials.hashpass = nil |
| 160 datamanager.store(username, host, "accounts", credentials); | 162 datamanager.store(username, host, "accounts", credentials); |
| 161 end | 163 end |
| 162 | 164 |
| 163 local stored_key, server_key, iteration_count, salt = credentials.stored_key, credentials.server_key, credentials.iteration_count, credentials.salt; | 165 local stored_key, server_key, iteration_count, salt = credentials.stored_key, credentials.server_key, credentials.iteration_count, credentials.salt; |
| 164 stored_key = stored_key and from_hex(stored_key); | 166 stored_key = stored_key and from_hex(stored_key); |
| 165 server_key = server_key and from_hex(server_key); | 167 server_key = server_key and from_hex(server_key); |
| 166 return stored_key, server_key, iteration_count, salt, true; | 168 return stored_key, server_key, iteration_count, salt, true; |
| 167 end | 169 end |
