diff options
author | Tobias Markmann <tm@ayena.de> | 2010-06-09 17:58:20 +0200 |
---|---|---|
committer | Tobias Markmann <tm@ayena.de> | 2010-06-09 17:58:20 +0200 |
commit | b0cd9c5a9a5c49c216d5131bb8eb63882c0866a9 (patch) | |
tree | 7d18c843f1222e6b949bf393aad8e8706de645b4 /plugins | |
parent | 480fa4dd0a6e7a3e0b5013996d01c8f0f885817a (diff) | |
download | prosody-b0cd9c5a9a5c49c216d5131bb8eb63882c0866a9.tar.gz prosody-b0cd9c5a9a5c49c216d5131bb8eb63882c0866a9.zip |
mod_auth_internal_hashed: Empty hashpass after conversion to stored_key/server_key and store new authentication database.
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/mod_auth_internal_hashed.lua | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index 9025ab2e..4c9083aa 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -66,6 +66,8 @@ function new_hashpass_provider(host) local salted_password = credentials.hashpass:gsub("..", function(x) return string.char(tonumber(x, 16)); end); credentials.stored_key = sha1(hmac_sha1(salted_password, "Client Key")):gsub(".", function (c) return ("%02x"):format(c:byte()); end); credentials.server_key = hmac_sha1(salted_password, "Server Key"):gsub(".", function (c) return ("%02x"):format(c:byte()); end); + credentials.hashpass = nil + datamanager.store(username, host, "accounts", credentials); end local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count); @@ -146,6 +148,8 @@ function new_hashpass_provider(host) local salted_password = credentials.hashpass:gsub("..", function(x) return string.char(tonumber(x, 16)); end); credentials.stored_key = sha1(hmac_sha1(salted_password, "Client Key")):gsub(".", function (c) return ("%02x"):format(c:byte()); end); credentials.server_key = hmac_sha1(salted_password, "Server Key"):gsub(".", function (c) return ("%02x"):format(c:byte()); end); + credentials.hashpass = nil + datamanager.store(username, host, "accounts", credentials); end local stored_key, server_key, iteration_count, salt = credentials.stored_key, credentials.server_key, credentials.iteration_count, credentials.salt; |