From: Badlop <badlop@process-one.net>
Date: Thu, 25 Jun 2015 11:39:45 +0000 (+0200)
Subject: When passwords are scrammed, report check_password_hash cannot work (#559)
X-Git-Tag: 15.07~45
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4ae1b4db03f4cea0fd1d7639ac58eb58cbb19efd;p=ejabberd

When passwords are scrammed, report check_password_hash cannot work (#559)
---

diff --git a/src/mod_admin_extra.erl b/src/mod_admin_extra.erl
index 6fbf762eb..436108ead 100644
--- a/src/mod_admin_extra.erl
+++ b/src/mod_admin_extra.erl
@@ -515,12 +515,16 @@ set_password(User, Host, Password) ->
 %% Copied some code from ejabberd_commands.erl
 check_password_hash(User, Host, PasswordHash, HashMethod) ->
     AccountPass = ejabberd_auth:get_password_s(User, Host),
-    AccountPassHash = case HashMethod of
-			  "md5" -> get_md5(AccountPass);
-			  "sha" -> get_sha(AccountPass);
+    AccountPassHash = case {AccountPass, HashMethod} of
+			  {A, _} when is_tuple(A) -> scrammed;
+			  {_, "md5"} -> get_md5(AccountPass);
+			  {_, "sha"} -> get_sha(AccountPass);
 			  _ -> undefined
 		      end,
     case AccountPassHash of
+	scrammed ->
+	    ?ERROR_MSG("Passwords are scrammed, and check_password_hash can not work.", []),
+	    throw(passwords_scrammed_command_cannot_work);
 	undefined -> error;
 	PasswordHash -> ok;
 	_ -> error