diff options
author | Kim Alvefur <zash@zash.se> | 2017-07-28 13:15:29 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2017-07-28 13:15:29 +0200 |
commit | 73b75571e6546448dac8a67c6c231c14851ccac1 (patch) | |
tree | e8ab717facc4069414f7377ed320eeac03dccc66 | |
parent | cc8653d31c87dcdf4d140697e87b57ca5130d9d5 (diff) | |
download | prosody-73b75571e6546448dac8a67c6c231c14851ccac1.tar.gz prosody-73b75571e6546448dac8a67c6c231c14851ccac1.zip |
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
-rw-r--r-- | core/usermanager.lua | 8 | ||||
-rw-r--r-- | plugins/mod_admin_adhoc.lua | 2 | ||||
-rw-r--r-- | plugins/mod_admin_telnet.lua | 2 | ||||
-rw-r--r-- | plugins/mod_auth_internal_hashed.lua | 4 | ||||
-rw-r--r-- | plugins/mod_c2s.lua | 12 | ||||
-rw-r--r-- | plugins/mod_register.lua | 2 |
6 files changed, 24 insertions, 6 deletions
diff --git a/core/usermanager.lua b/core/usermanager.lua index d5132662..f795e8ae 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua @@ -76,8 +76,12 @@ local function get_password(username, host) return hosts[host].users.get_password(username); end -local function set_password(username, password, host) - return hosts[host].users.set_password(username, password); +local function set_password(username, password, host, resource) + local ok, err = hosts[host].users.set_password(username, password); + if ok then + prosody.events.fire_event("user-password-changed", { username = username, host = host, resource = resource }); + end + return ok, err; end local function user_exists(username, host) diff --git a/plugins/mod_admin_adhoc.lua b/plugins/mod_admin_adhoc.lua index 392e715e..f3de6793 100644 --- a/plugins/mod_admin_adhoc.lua +++ b/plugins/mod_admin_adhoc.lua @@ -97,7 +97,7 @@ local change_user_password_command_handler = adhoc_simple(change_user_password_l if module_host ~= host then return { status = "completed", error = { message = "Trying to change the password of a user on " .. host .. " but command was sent to " .. module_host}}; end - if usermanager_user_exists(username, host) and usermanager_set_password(username, fields.password, host) then + if usermanager_user_exists(username, host) and usermanager_set_password(username, fields.password, host, nil) then return { status = "completed", info = "Password successfully changed" }; else return { status = "completed", error = { message = "User does not exist" } }; diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua index 293f6320..5c01f8b8 100644 --- a/plugins/mod_admin_telnet.lua +++ b/plugins/mod_admin_telnet.lua @@ -1030,7 +1030,7 @@ function def_env.user:password(jid, password) elseif not um.user_exists(username, host) then return nil, "No such user"; end - local ok, err = um.set_password(username, password, host); + local ok, err = um.set_password(username, password, host, nil); if ok then return true, "User password changed"; else diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index 53e345e5..35764afb 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -120,7 +120,9 @@ function provider.get_sasl_handler() local credentials = accounts:get(username); if not credentials then return; end if credentials.password then - usermanager.set_password(username, credentials.password, host); + if provider.set_password(username, credentials.password) == nil then + return nil, "Auth failed. Could not set hashed password from plaintext."; + end credentials = accounts:get(username); if not credentials then return; end end diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua index cfeb0f0e..fbc22be6 100644 --- a/plugins/mod_c2s.lua +++ b/plugins/mod_c2s.lua @@ -203,6 +203,18 @@ module:hook_global("user-deleted", function(event) end end, 200); +module:hook_global("user-password-changed", function(event) + local username, host, resource = event.username, event.host, event.resource; + local user = hosts[host].sessions[username]; + if user and user.sessions then + for r, session in pairs(user.sessions) do + if r ~= resource then + session:close{ condition = "reset", text = "Password changed" }; + end + end + end +end, 200); + --- Port listener function listener.onconnect(conn) local session = sm_new_session(conn); diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua index fd5339d9..832dd991 100644 --- a/plugins/mod_register.lua +++ b/plugins/mod_register.lua @@ -130,7 +130,7 @@ local function handle_registration_stanza(event) local password = query:get_child_text("password"); if username and password then if username == session.username then - if usermanager_set_password(username, password, session.host) then + if usermanager_set_password(username, password, session.host, session.resource) then session.send(st.reply(stanza)); else -- TODO unable to write file, file may be locked, etc, what's the correct error? |