From 8a737f875f36252dcac491e3d06ba567b5bda278 Mon Sep 17 00:00:00 2001
From: Badlop <badlop@process-one.net>
Date: Mon, 27 Aug 2012 16:57:56 +0200
Subject: Add SCRAM and remove MD5 support to ejabberd commands auth
 verification

---
 src/ejabberd_commands.erl | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

(limited to 'src')

diff --git a/src/ejabberd_commands.erl b/src/ejabberd_commands.erl
index 215a80876..92b2edc45 100644
--- a/src/ejabberd_commands.erl
+++ b/src/ejabberd_commands.erl
@@ -381,18 +381,13 @@ check_auth(noauth) ->
     no_auth_provided;
 check_auth({User, Server, Password}) ->
     %% Check the account exists and password is valid
-    AccountPass = ejabberd_auth:get_password_s(User, Server),
-    AccountPassMD5 = get_md5(AccountPass),
-    case Password of
-	AccountPass -> {ok, User, Server};
-	AccountPassMD5 -> {ok, User, Server};
-	_ -> throw({error, invalid_account_data})
+    case ejabberd_auth:check_password(User, Server, Password) of
+	true ->
+	    {ok, User, Server};
+	false ->
+	    throw({error, invalid_account_data})
     end.
 
-get_md5(AccountPass) ->
-    lists:flatten([io_lib:format("~.16B", [X])
-		   || X <- binary_to_list(crypto:md5(AccountPass))]).
-
 check_access(all, _) ->
     true;
 check_access(Access, Auth) ->
-- 
cgit v1.2.3