aboutsummaryrefslogtreecommitdiffstats
path: root/plugins
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2017-07-28 13:15:29 +0200
committerKim Alvefur <zash@zash.se>2017-07-28 13:15:29 +0200
commit73b75571e6546448dac8a67c6c231c14851ccac1 (patch)
treee8ab717facc4069414f7377ed320eeac03dccc66 /plugins
parentcc8653d31c87dcdf4d140697e87b57ca5130d9d5 (diff)
downloadprosody-73b75571e6546448dac8a67c6c231c14851ccac1.tar.gz
prosody-73b75571e6546448dac8a67c6c231c14851ccac1.zip
core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512)
Diffstat (limited to 'plugins')
-rw-r--r--plugins/mod_admin_adhoc.lua2
-rw-r--r--plugins/mod_admin_telnet.lua2
-rw-r--r--plugins/mod_auth_internal_hashed.lua4
-rw-r--r--plugins/mod_c2s.lua12
-rw-r--r--plugins/mod_register.lua2
5 files changed, 18 insertions, 4 deletions
diff --git a/plugins/mod_admin_adhoc.lua b/plugins/mod_admin_adhoc.lua
index 392e715e..f3de6793 100644
--- a/plugins/mod_admin_adhoc.lua
+++ b/plugins/mod_admin_adhoc.lua
@@ -97,7 +97,7 @@ local change_user_password_command_handler = adhoc_simple(change_user_password_l
if module_host ~= host then
return { status = "completed", error = { message = "Trying to change the password of a user on " .. host .. " but command was sent to " .. module_host}};
end
- if usermanager_user_exists(username, host) and usermanager_set_password(username, fields.password, host) then
+ if usermanager_user_exists(username, host) and usermanager_set_password(username, fields.password, host, nil) then
return { status = "completed", info = "Password successfully changed" };
else
return { status = "completed", error = { message = "User does not exist" } };
diff --git a/plugins/mod_admin_telnet.lua b/plugins/mod_admin_telnet.lua
index 293f6320..5c01f8b8 100644
--- a/plugins/mod_admin_telnet.lua
+++ b/plugins/mod_admin_telnet.lua
@@ -1030,7 +1030,7 @@ function def_env.user:password(jid, password)
elseif not um.user_exists(username, host) then
return nil, "No such user";
end
- local ok, err = um.set_password(username, password, host);
+ local ok, err = um.set_password(username, password, host, nil);
if ok then
return true, "User password changed";
else
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua
index 53e345e5..35764afb 100644
--- a/plugins/mod_auth_internal_hashed.lua
+++ b/plugins/mod_auth_internal_hashed.lua
@@ -120,7 +120,9 @@ function provider.get_sasl_handler()
local credentials = accounts:get(username);
if not credentials then return; end
if credentials.password then
- usermanager.set_password(username, credentials.password, host);
+ if provider.set_password(username, credentials.password) == nil then
+ return nil, "Auth failed. Could not set hashed password from plaintext.";
+ end
credentials = accounts:get(username);
if not credentials then return; end
end
diff --git a/plugins/mod_c2s.lua b/plugins/mod_c2s.lua
index cfeb0f0e..fbc22be6 100644
--- a/plugins/mod_c2s.lua
+++ b/plugins/mod_c2s.lua
@@ -203,6 +203,18 @@ module:hook_global("user-deleted", function(event)
end
end, 200);
+module:hook_global("user-password-changed", function(event)
+ local username, host, resource = event.username, event.host, event.resource;
+ local user = hosts[host].sessions[username];
+ if user and user.sessions then
+ for r, session in pairs(user.sessions) do
+ if r ~= resource then
+ session:close{ condition = "reset", text = "Password changed" };
+ end
+ end
+ end
+end, 200);
+
--- Port listener
function listener.onconnect(conn)
local session = sm_new_session(conn);
diff --git a/plugins/mod_register.lua b/plugins/mod_register.lua
index fd5339d9..832dd991 100644
--- a/plugins/mod_register.lua
+++ b/plugins/mod_register.lua
@@ -130,7 +130,7 @@ local function handle_registration_stanza(event)
local password = query:get_child_text("password");
if username and password then
if username == session.username then
- if usermanager_set_password(username, password, session.host) then
+ if usermanager_set_password(username, password, session.host, session.resource) then
session.send(st.reply(stanza));
else
-- TODO unable to write file, file may be locked, etc, what's the correct error?