diff options
| author | Evgeniy Khramtsov <ekhramtsov@process-one.net> | 2016-03-25 18:16:50 +0300 |
|---|---|---|
| committer | Evgeniy Khramtsov <ekhramtsov@process-one.net> | 2016-03-25 18:16:50 +0300 |
| commit | 46568fb9596d8203c635477b30c91d2928847dea (patch) | |
| tree | a3aad804b0bcab951f9ebfaf3df1db27c550db7f /src/ejabberd_auth_internal.erl | |
| parent | Merge pull request #1035 from processone/modular-tests-run (diff) | |
| parent | Use SASL PLAIN authzid as client identity if auth module permits it (diff) | |
Merge commit 'refs/pull/524/head' of github.com:processone/ejabberd into sasl-api-change
Diffstat (limited to 'src/ejabberd_auth_internal.erl')
| -rw-r--r-- | src/ejabberd_auth_internal.erl | 24 |
1 files changed, 16 insertions, 8 deletions
diff --git a/src/ejabberd_auth_internal.erl b/src/ejabberd_auth_internal.erl index d60e0fc5..3b30b360 100644 --- a/src/ejabberd_auth_internal.erl +++ b/src/ejabberd_auth_internal.erl @@ -31,8 +31,8 @@ -behaviour(ejabberd_auth). --export([start/1, set_password/3, check_password/3, - check_password/5, try_register/3, +-export([start/1, set_password/3, check_password/4, + check_password/6, try_register/3, dirty_get_registered_users/0, get_vh_registered_users/1, get_vh_registered_users/2, get_vh_registered_users_number/1, @@ -86,9 +86,12 @@ store_type() -> true -> scram %% allows: PLAIN SCRAM end. -check_password(User, Server, Password) -> - LUser = jid:nodeprep(User), - LServer = jid:nameprep(Server), +check_password(User, AuthzId, Server, Password) -> + if AuthzId /= <<>> andalso AuthzId /= User -> + false; + true -> + LUser = jid:nodeprep(User), + LServer = jid:nameprep(Server), US = {LUser, LServer}, case catch mnesia:dirty_read({passwd, US}) of [#passwd{password = Password}] @@ -98,12 +101,16 @@ check_password(User, Server, Password) -> when is_record(Scram, scram) -> is_password_scram_valid(Password, Scram); _ -> false + end end. -check_password(User, Server, Password, Digest, +check_password(User, AuthzId, Server, Password, Digest, DigestGen) -> - LUser = jid:nodeprep(User), - LServer = jid:nameprep(Server), + if AuthzId /= <<>> andalso AuthzId /= User -> + false; + true -> + LUser = jid:nodeprep(User), + LServer = jid:nameprep(Server), US = {LUser, LServer}, case catch mnesia:dirty_read({passwd, US}) of [#passwd{password = Passwd}] when is_binary(Passwd) -> @@ -125,6 +132,7 @@ check_password(User, Server, Password, Digest, true -> (Passwd == Password) and (Password /= <<"">>) end; _ -> false + end end. %% @spec (User::string(), Server::string(), Password::string()) -> |