Report in SQL when scram is enabled but the stored password isn't (#1096)
authorBadlop <badlop@process-one.net>
Wed, 1 Jun 2016 18:48:52 +0000 (20:48 +0200)
committerBadlop <badlop@process-one.net>
Wed, 1 Jun 2016 18:48:52 +0000 (20:48 +0200)
src/ejabberd_auth_sql.erl

index 17e3e517ba8ece3df16e3a0ce36f01ac88de2198..d6d945e02164af86ca88b49d225eaec03cb61684 100644 (file)
@@ -88,7 +88,7 @@ check_password(User, AuthzId, Server, Password) ->
                                        serverkey = ServerKey,
                                        salt = Salt,
                                        iterationcount = IterationCount},
-                            is_password_scram_valid(Password, Scram);
+                            is_password_scram_valid_stored(Password, Scram, LUser, LServer);
                         {selected, []} ->
                             false; %% Account does not exist
                         {error, _Error} ->
@@ -417,6 +417,15 @@ password_to_scram(Password, IterationCount) ->
           salt = jlib:encode_base64(Salt),
           iterationcount = IterationCount}.
 
+is_password_scram_valid_stored(Pass, {scram,Pass,<<>>,<<>>,0}, LUser, LServer) ->
+    ?INFO_MSG("Apparently, SQL auth method and scram password formatting are "
+       "enabled, but the password of user '~s' in the 'users' table is not "
+       "scrammed. You may want to execute this command: "
+       "ejabberdctl convert_to_scram ~s", [LUser, LServer]),
+    false;
+is_password_scram_valid_stored(Password, Scram, _, _) ->
+    is_password_scram_valid(Password, Scram).
+
 is_password_scram_valid(Password, Scram) ->
     IterationCount = Scram#scram.iterationcount,
     Salt = jlib:decode_base64(Scram#scram.salt),
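Review bot: The first new clause matches the stored record as a raw 5-tuple `{scram,Pass,<<>>,<<>>,0}`, which silently stops matching if a field is ever added to or reordered in `#scram{}`; a record pattern keeps it tied to the definition, `is_password_scram_valid_stored(Pass, #scram{storedkey = Pass, serverkey = <<>>, salt = <<>>, iterationcount = 0}, LUser, LServer) ->` (the stored-key field name is not visible in this hunk; use whatever the record construction in check_password uses). Note also that the report only fires when the presented password equals the stored plaintext; a wrong password for such an account falls through the catch-all clause into is_password_scram_valid with an empty salt and zero iterations, so the second clause deserves a comment such as `%% Any other stored value (or a non-matching plaintext) goes through the normal SCRAM check`. Since this condition means a credential is sitting unhashed in the users table, ?WARNING_MSG seems a better severity than ?INFO_MSG so the report is not lost among routine login logging. is_password_scram_valid continues past the end of the hunk.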