diff options
| author | Kim Alvefur <zash@zash.se> | 2014-02-19 20:10:23 +0100 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2014-02-19 20:10:23 +0100 |
| commit | 9e76e7d73a59606d756d069cc402fb1c86f34f32 (patch) | |
| tree | 5110e98da3ce0b1a10fa2300eee28a6b6b566fe1 | |
| parent | 08f04b1419c2c8878d3836d11cd7af806a083898 (diff) | |
| parent | 1a4b32a3946e64a7d056da6ba8d1011e008fe986 (diff) | |
| download | prosody-9e76e7d73a59606d756d069cc402fb1c86f34f32.tar.gz prosody-9e76e7d73a59606d756d069cc402fb1c86f34f32.zip | |
Merge 0.10->trunk
| -rw-r--r-- | plugins/mod_auth_internal_hashed.lua | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index fb87bb9f..954392c9 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -7,6 +7,8 @@ -- COPYING file in the source package for more information. -- +local max = math.max; + local getAuthenticationDatabaseSHA1 = require "util.sasl.scram".getAuthenticationDatabaseSHA1; local usermanager = require "core.usermanager"; local generate_uuid = require "util.uuid".generate; @@ -39,7 +41,7 @@ end -- Default; can be set per-user -local iteration_count = 4096; +local default_iteration_count = 4096; -- define auth provider local provider = {}; @@ -80,8 +82,8 @@ function provider.set_password(username, password) log("debug", "set_password for username '%s'", username); local account = accounts:get(username); if account then - account.salt = account.salt or generate_uuid(); - account.iteration_count = account.iteration_count or iteration_count; + account.salt = generate_uuid(); + account.iteration_count = max(account.iteration_count or 0, default_iteration_count); local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count); local stored_key_hex = to_hex(stored_key); local server_key_hex = to_hex(server_key); @@ -113,10 +115,10 @@ function provider.create_user(username, password) return accounts:set(username, {}); end local salt = generate_uuid(); - local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, iteration_count); + local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count); local stored_key_hex = to_hex(stored_key); local server_key_hex = to_hex(server_key); - return accounts:set(username, {stored_key = stored_key_hex, server_key = server_key_hex, salt = salt, iteration_count = iteration_count}); + return accounts:set(username, {stored_key = stored_key_hex, server_key = server_key_hex, salt = salt, iteration_count = default_iteration_count}); end function provider.delete_user(username) |