prosody
b1ca849b8e3a
plugins/mod_auth_internal_hashed.lua
Software / code / prosody
Comparison
plugins/mod_auth_internal_hashed.lua @ 10522:b1ca849b8e3a 0.11
mod_auth_internal_hashed: Pass on errors from password hash function (fixes #1477)
| author | Kim Alvefur <zash@zash.se> |
|---|---|
| date | Mon, 23 Dec 2019 22:42:39 +0100 |
| parent | 8192:4354f556c5db |
| child | 10563:e8db377a2983 |
| child | 10914:0d7d71dee0a0 |
comparison
equal
deleted
inserted
replaced
| 10520:225fade2ab4d | 10522:b1ca849b8e3a |
|---|---|
| 66 local account = accounts:get(username); | 66 local account = accounts:get(username); |
| 67 if account then | 67 if account then |
| 68 account.salt = generate_uuid(); | 68 account.salt = generate_uuid(); |
| 69 account.iteration_count = max(account.iteration_count or 0, default_iteration_count); | 69 account.iteration_count = max(account.iteration_count or 0, default_iteration_count); |
| 70 local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count); | 70 local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count); |
| 71 if not valid then | |
| 72 return valid, stored_key; | |
| 73 end | |
| 71 local stored_key_hex = to_hex(stored_key); | 74 local stored_key_hex = to_hex(stored_key); |
| 72 local server_key_hex = to_hex(server_key); | 75 local server_key_hex = to_hex(server_key); |
| 73 | 76 |
| 74 account.stored_key = stored_key_hex | 77 account.stored_key = stored_key_hex |
| 75 account.server_key = server_key_hex | 78 account.server_key = server_key_hex |
| 97 if password == nil then | 100 if password == nil then |
| 98 return accounts:set(username, {}); | 101 return accounts:set(username, {}); |
| 99 end | 102 end |
| 100 local salt = generate_uuid(); | 103 local salt = generate_uuid(); |
| 101 local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count); | 104 local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count); |
| 105 if not valid then | |
| 106 return valid, stored_key; | |
| 107 end | |
| 102 local stored_key_hex = to_hex(stored_key); | 108 local stored_key_hex = to_hex(stored_key); |
| 103 local server_key_hex = to_hex(server_key); | 109 local server_key_hex = to_hex(server_key); |
| 104 return accounts:set(username, { | 110 return accounts:set(username, { |
| 105 stored_key = stored_key_hex, server_key = server_key_hex, | 111 stored_key = stored_key_hex, server_key = server_key_hex, |
| 106 salt = salt, iteration_count = default_iteration_count | 112 salt = salt, iteration_count = default_iteration_count |
