aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2014-02-19 20:10:23 +0100
committerKim Alvefur <zash@zash.se>2014-02-19 20:10:23 +0100
commit9e76e7d73a59606d756d069cc402fb1c86f34f32 (patch)
tree5110e98da3ce0b1a10fa2300eee28a6b6b566fe1 /plugins
parent08f04b1419c2c8878d3836d11cd7af806a083898 (diff)
parent1a4b32a3946e64a7d056da6ba8d1011e008fe986 (diff)
downloadprosody-9e76e7d73a59606d756d069cc402fb1c86f34f32.tar.gz
prosody-9e76e7d73a59606d756d069cc402fb1c86f34f32.zip
Merge 0.10->trunk
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_auth_internal_hashed.lua12
1 files changed, 7 insertions, 5 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua
index fb87bb9f..954392c9 100644
--- a/plugins/mod_auth_internal_hashed.lua
+++ b/plugins/mod_auth_internal_hashed.lua
@@ -7,6 +7,8 @@
-- COPYING file in the source package for more information.
--
+local max = math.max;
+
local getAuthenticationDatabaseSHA1 = require "util.sasl.scram".getAuthenticationDatabaseSHA1;
local usermanager = require "core.usermanager";
local generate_uuid = require "util.uuid".generate;
@@ -39,7 +41,7 @@ end
-- Default; can be set per-user
-local iteration_count = 4096;
+local default_iteration_count = 4096;
-- define auth provider
local provider = {};
@@ -80,8 +82,8 @@ function provider.set_password(username, password)
log("debug", "set_password for username '%s'", username);
local account = accounts:get(username);
if account then
- account.salt = account.salt or generate_uuid();
- account.iteration_count = account.iteration_count or iteration_count;
+ account.salt = generate_uuid();
+ account.iteration_count = max(account.iteration_count or 0, default_iteration_count);
local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count);
local stored_key_hex = to_hex(stored_key);
local server_key_hex = to_hex(server_key);
@@ -113,10 +115,10 @@ function provider.create_user(username, password)
return accounts:set(username, {});
end
local salt = generate_uuid();
- local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, iteration_count);
+ local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count);
local stored_key_hex = to_hex(stored_key);
local server_key_hex = to_hex(server_key);
- return accounts:set(username, {stored_key = stored_key_hex, server_key = server_key_hex, salt = salt, iteration_count = iteration_count});
+ return accounts:set(username, {stored_key = stored_key_hex, server_key = server_key_hex, salt = salt, iteration_count = default_iteration_count});
end
function provider.delete_user(username)