aboutsummaryrefslogtreecommitdiff
path: root/src/ejabberd_auth_sql.erl
diff options
context:
space:
mode:
Diffstat (limited to 'src/ejabberd_auth_sql.erl')
-rw-r--r--src/ejabberd_auth_sql.erl11
1 files changed, 10 insertions, 1 deletions
diff --git a/src/ejabberd_auth_sql.erl b/src/ejabberd_auth_sql.erl
index 17e3e517b..d6d945e02 100644
--- a/src/ejabberd_auth_sql.erl
+++ b/src/ejabberd_auth_sql.erl
@@ -88,7 +88,7 @@ check_password(User, AuthzId, Server, Password) ->
serverkey = ServerKey,
salt = Salt,
iterationcount = IterationCount},
- is_password_scram_valid(Password, Scram);
+ is_password_scram_valid_stored(Password, Scram, LUser, LServer);
{selected, []} ->
false; %% Account does not exist
{error, _Error} ->
@@ -417,6 +417,15 @@ password_to_scram(Password, IterationCount) ->
salt = jlib:encode_base64(Salt),
iterationcount = IterationCount}.
+is_password_scram_valid_stored(Pass, {scram,Pass,<<>>,<<>>,0}, LUser, LServer) ->
+ ?INFO_MSG("Apparently, SQL auth method and scram password formatting are "
+ "enabled, but the password of user '~s' in the 'users' table is not "
+ "scrammed. You may want to execute this command: "
+ "ejabberdctl convert_to_scram ~s", [LUser, LServer]),
+ false;
+is_password_scram_valid_stored(Password, Scram, _, _) ->
+ is_password_scram_valid(Password, Scram).
+
is_password_scram_valid(Password, Scram) ->
IterationCount = Scram#scram.iterationcount,
Salt = jlib:decode_base64(Scram#scram.salt),
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-11 13:01:15 +0000