diff options
| author | Alexey Shchepin <alexey@process-one.net> | 2016-05-04 21:01:05 +0300 |
|---|---|---|
| committer | Alexey Shchepin <alexey@process-one.net> | 2016-05-05 15:51:58 +0300 |
| commit | 0ea0ba3004282636c95bc86c3aac8755fcf7f8b1 (patch) | |
| tree | 1330b6db70f7f6100c1997851faece5ad569391f /src/ejabberd_auth_mnesia.erl | |
| parent | Merge remote-tracking branch 'processone/pr/1088' (diff) | |
Update more SQL queries
Diffstat (limited to 'src/ejabberd_auth_mnesia.erl')
| -rw-r--r-- | src/ejabberd_auth_mnesia.erl | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/src/ejabberd_auth_mnesia.erl b/src/ejabberd_auth_mnesia.erl index 9029404d6..58e22c79c 100644 --- a/src/ejabberd_auth_mnesia.erl +++ b/src/ejabberd_auth_mnesia.erl @@ -25,6 +25,8 @@ -module(ejabberd_auth_mnesia). +-compile([{parse_transform, ejabberd_sql_pt}]). + -behaviour(ejabberd_config). -author('alexey@process-one.net'). @@ -43,6 +45,7 @@ -include("ejabberd.hrl"). -include("logger.hrl"). +-include("ejabberd_sql_pt.hrl"). -record(passwd, {us = {<<"">>, <<"">>} :: {binary(), binary()} | '$1', password = <<"">> :: binary() | scram() | '_'}). @@ -473,12 +476,22 @@ is_password_scram_valid(Password, Scram) -> export(_Server) -> [{passwd, fun(Host, #passwd{us = {LUser, LServer}, password = Password}) + when LServer == Host, + is_binary(Password) -> + [?SQL("delete from users where username=%(LUser)s;"), + ?SQL("insert into users(username, password) " + "values (%(LUser)s, %(Password)s);")]; + (Host, #passwd{us = {LUser, LServer}, password = #scram{} = Scram}) when LServer == Host -> - Username = ejabberd_sql:escape(LUser), - Pass = ejabberd_sql:escape(Password), - [[<<"delete from users where username='">>, Username, <<"';">>], - [<<"insert into users(username, password) " - "values ('">>, Username, <<"', '">>, Pass, <<"');">>]]; + StoredKey = Scram#scram.storedkey, + ServerKey = Scram#scram.serverkey, + Salt = Scram#scram.salt, + IterationCount = Scram#scram.iterationcount, + [?SQL("delete from users where username=%(LUser)s;"), + ?SQL("insert into users(username, password, serverkey, salt, " + "iterationcount) " + "values (%(LUser)s, %(StoredKey)s, %(ServerKey)s," + " %(Salt)s, %(IterationCount)d);")]; (_Host, _R) -> [] end}]. |