prosody
5e51f8a7179b

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

3210:5e51f8a7179b

mod_auth_internal_hashed: Convert hashpass to server_key/stored_key on PLAIN login.
author Tobias Markmann <tm@ayena.de>
date Wed, 09 Jun 2010 17:51:08 +0200
parents 3209:cbceb398c1e4
children 3211:d69e90ffbc09
files plugins/mod_auth_internal_hashed.lua
diffstat 1 files changed, 13 insertions(+), 19 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_auth_internal_hashed.lua	Tue Jun 08 20:39:27 2010 +0200
+++ b/plugins/mod_auth_internal_hashed.lua	Wed Jun 09 17:51:08 2010 +0200
@@ -59,22 +59,22 @@
 		
 		local valid, stored_key, server_key
 		
-		if credentials.hexpass then
-			-- convert hexpass to stored_key and server_key
-			-- TODO: remove this in near future
+		-- convert hexpass to stored_key and server_key
+		-- TODO: remove this in near future
+		if credentials.hashpass then
 			valid = true;
-			local salted_password = credentials.hexpass:gsub("..", function(x) return string.char(tonumber(x, 16)); end);
-			
-			stored_key = sha1(hmac_sha1(salted_password, "Client Key"))
-			server_key = hmac_sha1(salted_password, "Server Key");
-		else
-			valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count);
+			local salted_password = credentials.hashpass:gsub("..", function(x) return string.char(tonumber(x, 16)); end);
+			log("debug", "salted_password in bin: %s", tostring(salted_password));
+			credentials.stored_key = sha1(hmac_sha1(salted_password, "Client Key")):gsub(".", function (c) return ("%02x"):format(c:byte()); end);
+			credentials.server_key = hmac_sha1(salted_password, "Server Key"):gsub(".", function (c) return ("%02x"):format(c:byte()); end);
 		end
 		
+		local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count);
+		
 		local stored_key_hex = stored_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end);
 		local server_key_hex = server_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end);
 		
-		if valid and stored_key_hex == credentials.stored_key and server_key_hex == credentials.server_key_hex then
+		if valid and stored_key_hex == credentials.stored_key and server_key_hex == credentials.server_key then
 			return true;
 		else
 			return nil, "Auth failed. Invalid username, password, or password hash information.";
@@ -85,15 +85,9 @@
 		if is_cyrus(host) then return nil, "Passwords unavailable for Cyrus SASL."; end
 		local account = datamanager.load(username, host, "accounts");
 		if account then
-			if account.iteration_count == nil then
-				account.iteration_count = iteration_count;
-			end
-
-			if account.salt == nil then
-				account.salt = generate_uuid();
-			end
-			
-			local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count);
+			account.salt = account.salt or generate_uuid();
+			account.iteration_count = account.iteration_count or iteration_count;
+			local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count);
 			local stored_key_hex = stored_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end);
 			local server_key_hex = server_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end);