mod_auth_internal_hashed: Pass on errors from password hash function (fixes #1477)

author: Kim Alvefur <zash@zash.se> 2019-12-23 22:42:39 +0100
committer: Kim Alvefur <zash@zash.se> 2019-12-23 22:42:39 +0100
commit: 097d7ca6638721a97bae4a92d1cdb3a41a05acdd (patch)
tree: 51b3239154dddfc5d5ffd3e161a7331c19826bc7 /plugins
parent: 4bdf3f20a96aa1734faafacb17328853956cacbd (diff)
download: prosody-097d7ca6638721a97bae4a92d1cdb3a41a05acdd.tar.gz
prosody-097d7ca6638721a97bae4a92d1cdb3a41a05acdd.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua
index 35764afb..083f648b 100644
--- a/plugins/mod_auth_internal_hashed.lua
+++ b/plugins/mod_auth_internal_hashed.lua
@@ -68,6 +68,9 @@ function provider.set_password(username, password)
 		account.salt = generate_uuid();
 		account.iteration_count = max(account.iteration_count or 0, default_iteration_count);
 		local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count);
+		if not valid then
+			return valid, stored_key;
+		end
 		local stored_key_hex = to_hex(stored_key);
 		local server_key_hex = to_hex(server_key);
 
@@ -99,6 +102,9 @@ function provider.create_user(username, password)
 	end
 	local salt = generate_uuid();
 	local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count);
+	if not valid then
+		return valid, stored_key;
+	end
 	local stored_key_hex = to_hex(stored_key);
 	local server_key_hex = to_hex(server_key);
 	return accounts:set(username, {
author	Kim Alvefur <zash@zash.se>	2019-12-23 22:42:39 +0100
committer	Kim Alvefur <zash@zash.se>	2019-12-23 22:42:39 +0100
commit	097d7ca6638721a97bae4a92d1cdb3a41a05acdd (patch)
tree	51b3239154dddfc5d5ffd3e161a7331c19826bc7 /plugins
parent	4bdf3f20a96aa1734faafacb17328853956cacbd (diff)
download	prosody-097d7ca6638721a97bae4a92d1cdb3a41a05acdd.tar.gz prosody-097d7ca6638721a97bae4a92d1cdb3a41a05acdd.zip