mod_auth_internal_hashed: Pass on errors from password hash function (fixes #1477)

author: Kim Alvefur <zash@zash.se> 2019-12-23 22:42:39 +0100
committer: Kim Alvefur <zash@zash.se> 2019-12-23 22:42:39 +0100
commit: 32bb14048a8297a341dd07090d030e088657f9ad (patch)
tree: 51b3239154dddfc5d5ffd3e161a7331c19826bc7 /plugins
parent: d25a2f42a98fa28d790cbab67887e0e20b45fb92 (diff)
download: prosody-32bb14048a8297a341dd07090d030e088657f9ad.tar.gz
prosody-32bb14048a8297a341dd07090d030e088657f9ad.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua
index 35764afb..083f648b 100644
--- a/plugins/mod_auth_internal_hashed.lua
+++ b/plugins/mod_auth_internal_hashed.lua
@@ -68,6 +68,9 @@ function provider.set_password(username, password)
 		account.salt = generate_uuid();
 		account.iteration_count = max(account.iteration_count or 0, default_iteration_count);
 		local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count);
+		if not valid then
+			return valid, stored_key;
+		end
 		local stored_key_hex = to_hex(stored_key);
 		local server_key_hex = to_hex(server_key);
 
@@ -99,6 +102,9 @@ function provider.create_user(username, password)
 	end
 	local salt = generate_uuid();
 	local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count);
+	if not valid then
+		return valid, stored_key;
+	end
 	local stored_key_hex = to_hex(stored_key);
 	local server_key_hex = to_hex(server_key);
 	return accounts:set(username, {
author	Kim Alvefur <zash@zash.se>	2019-12-23 22:42:39 +0100
committer	Kim Alvefur <zash@zash.se>	2019-12-23 22:42:39 +0100
commit	32bb14048a8297a341dd07090d030e088657f9ad (patch)
tree	51b3239154dddfc5d5ffd3e161a7331c19826bc7 /plugins
parent	d25a2f42a98fa28d790cbab67887e0e20b45fb92 (diff)
download	prosody-32bb14048a8297a341dd07090d030e088657f9ad.tar.gz prosody-32bb14048a8297a341dd07090d030e088657f9ad.zip