Merge from waqas

2 files changed, 5 insertions, 10 deletions

diff --git a/core/s2smanager.lua b/core/s2smanager.lua
index c584e78b..1cd40aa8 100644
--- a/core/s2smanager.lua
+++ b/core/s2smanager.lua
@@ -21,7 +21,7 @@ local logger_init = require "util.logger".init;
 
 local log = logger_init("s2smanager");
 
-local md5_hash = require "util.hashes".md5;
+local sha256_hash = require "util.hashes".sha256;
 
 local dialback_secret = "This is very secret!!! Ha!";
 
@@ -210,7 +210,7 @@ function initiate_dialback(session)
 end
 
 function generate_dialback(id, to, from)
-	return md5_hash(id..to..from..dialback_secret); -- FIXME: See XEP-185 and XEP-220
+	return sha256_hash(id..to..from..dialback_secret, true);
 end
 
 function verify_dialback(id, to, from, key)
diff --git a/core/usermanager.lua b/core/usermanager.lua
index 808faf71..a5229f38 100644
--- a/core/usermanager.lua
+++ b/core/usermanager.lua
@@ -19,15 +19,12 @@ function validate_credentials(host, username, password, method)
 		end
 	end
 	-- must do md5
-	if not hashes.md5 then
-		return nil, "Server misconfiguration, the md5 library is not available.";
-	end
 	-- make credentials md5
 	local pwd = credentials.password;
-	if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd); end
+	if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd, true); end
 	-- make password md5
 	if method == "PLAIN" then
-		password = hashes.md5(password or "");
+		password = hashes.md5(password or "", true);
 	elseif method ~= "DIGEST-MD5" then
 		return nil, "Unsupported auth method";
 	end
@@ -49,9 +46,7 @@ end
 
 function get_supported_methods(host)
 	local methods = {["PLAIN"] = true}; -- TODO this should be taken from the config
-	if hashes.md5 then
-		methods["DIGEST-MD5"] = true;
-	end
+	methods["DIGEST-MD5"] = true;
 	return methods;
 end