diff options
| author | Badlop <badlop@process-one.net> | 2017-02-20 12:47:56 +0100 |
|---|---|---|
| committer | Badlop <badlop@process-one.net> | 2017-02-20 12:47:56 +0100 |
| commit | 7d767fac7fdb395b609ff07cab6b1d5eb223ae88 (patch) | |
| tree | 1ea8640eb2ca997c42dc5aadfba1bb7c10c317fa | |
| parent | Fix s2s_dns_timeout issues (diff) | |
Support scrammed passwords in ejabberdctl import_prosody (#1549)
| -rw-r--r-- | src/ejabberd_auth_mnesia.erl | 2 | ||||
| -rw-r--r-- | src/ejabberd_auth_riak.erl | 2 | ||||
| -rw-r--r-- | src/ejabberd_auth_sql.erl | 7 | ||||
| -rw-r--r-- | src/prosody2ejabberd.erl | 19 |
4 files changed, 25 insertions, 5 deletions
diff --git a/src/ejabberd_auth_mnesia.erl b/src/ejabberd_auth_mnesia.erl index a4e9c1f89..3145d90ca 100644 --- a/src/ejabberd_auth_mnesia.erl +++ b/src/ejabberd_auth_mnesia.erl @@ -174,7 +174,7 @@ try_register(User, Server, PasswordList) -> US = {LUser, LServer}, if (LUser == error) or (LServer == error) -> {error, invalid_jid}; - LPassword == error -> + (LPassword == error) and not is_record(Password, scram) -> {error, invalid_password}; true -> F = fun () -> diff --git a/src/ejabberd_auth_riak.erl b/src/ejabberd_auth_riak.erl index df3321332..6067c35ed 100644 --- a/src/ejabberd_auth_riak.erl +++ b/src/ejabberd_auth_riak.erl @@ -148,7 +148,7 @@ try_register(User, Server, PasswordList) -> US = {LUser, LServer}, if (LUser == error) or (LServer == error) -> {error, invalid_jid}; - LPassword == error -> + LPassword == error and not is_record(Password, scram) -> {error, invalid_password}; true -> case ejabberd_riak:get(passwd, passwd_schema(), US) of diff --git a/src/ejabberd_auth_sql.erl b/src/ejabberd_auth_sql.erl index 4228b3345..d8fc61703 100644 --- a/src/ejabberd_auth_sql.erl +++ b/src/ejabberd_auth_sql.erl @@ -201,12 +201,15 @@ try_register(User, Server, Password) -> {error, invalid_jid}; (LUser == <<>>) or (LServer == <<>>) -> {error, invalid_jid}; - LPassword == error -> + LPassword == error and not is_record(Password, scram) -> {error, invalid_password}; true -> case is_scrammed() of true -> - Scram = password_to_scram(Password), + Scram = case is_record(Password, scram) of + true -> Password; + false -> password_to_scram(Password) + end, case catch sql_queries:add_user_scram( LServer, LUser, diff --git a/src/prosody2ejabberd.erl b/src/prosody2ejabberd.erl index afb714d9b..881a5b3e7 100644 --- a/src/prosody2ejabberd.erl +++ b/src/prosody2ejabberd.erl @@ -109,8 +109,25 @@ eval_file(Path) -> Err end. +maybe_get_scram_auth(Data) -> + case proplists:get_value(<<"iteration_count">>, Data, no_ic) of + IC when is_float(IC) -> %% A float like 4096.0 is read + #scram{ + storedkey = proplists:get_value(<<"stored_key">>, Data, <<"">>), + serverkey = proplists:get_value(<<"server_key">>, Data, <<"">>), + salt = proplists:get_value(<<"salt">>, Data, <<"">>), + iterationcount = round(IC) + }; + _ -> <<"">> + end. + convert_data(Host, "accounts", User, [Data]) -> - Password = proplists:get_value(<<"password">>, Data, <<>>), + Password = case proplists:get_value(<<"password">>, Data, no_pass) of + no_pass -> + maybe_get_scram_auth(Data); + Pass when is_binary(Pass) -> + Pass + end, case ejabberd_auth:try_register(User, Host, Password) of {atomic, ok} -> ok; |