diff options
author | Matthew Wild <mwild1@gmail.com> | 2008-11-27 23:36:49 +0000 |
---|---|---|
committer | Matthew Wild <mwild1@gmail.com> | 2008-11-27 23:36:49 +0000 |
commit | efd0ef64bb4cbf51ecbd51280b4cf42d7f6e6ed8 (patch) | |
tree | fbb36c13b7526cb3f7d79d364e8b338c4fc81b34 /core | |
parent | f588a0f5b0dd4c6b6d2c81a517594b50b45fc15b (diff) | |
parent | 631e249397fd7cd2a2c5a7cb4c1feba664a41b2e (diff) | |
download | prosody-efd0ef64bb4cbf51ecbd51280b4cf42d7f6e6ed8.tar.gz prosody-efd0ef64bb4cbf51ecbd51280b4cf42d7f6e6ed8.zip |
Merge from waqas
Diffstat (limited to 'core')
-rw-r--r-- | core/s2smanager.lua | 4 | ||||
-rw-r--r-- | core/usermanager.lua | 11 |
2 files changed, 5 insertions, 10 deletions
diff --git a/core/s2smanager.lua b/core/s2smanager.lua index c584e78b..1cd40aa8 100644 --- a/core/s2smanager.lua +++ b/core/s2smanager.lua @@ -21,7 +21,7 @@ local logger_init = require "util.logger".init; local log = logger_init("s2smanager"); -local md5_hash = require "util.hashes".md5; +local sha256_hash = require "util.hashes".sha256; local dialback_secret = "This is very secret!!! Ha!"; @@ -210,7 +210,7 @@ function initiate_dialback(session) end function generate_dialback(id, to, from) - return md5_hash(id..to..from..dialback_secret); -- FIXME: See XEP-185 and XEP-220 + return sha256_hash(id..to..from..dialback_secret, true); end function verify_dialback(id, to, from, key) diff --git a/core/usermanager.lua b/core/usermanager.lua index 808faf71..a5229f38 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua @@ -19,15 +19,12 @@ function validate_credentials(host, username, password, method) end end -- must do md5 - if not hashes.md5 then - return nil, "Server misconfiguration, the md5 library is not available."; - end -- make credentials md5 local pwd = credentials.password; - if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd); end + if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd, true); end -- make password md5 if method == "PLAIN" then - password = hashes.md5(password or ""); + password = hashes.md5(password or "", true); elseif method ~= "DIGEST-MD5" then return nil, "Unsupported auth method"; end @@ -49,9 +46,7 @@ end function get_supported_methods(host) local methods = {["PLAIN"] = true}; -- TODO this should be taken from the config - if hashes.md5 then - methods["DIGEST-MD5"] = true; - end + methods["DIGEST-MD5"] = true; return methods; end |