diff options
| author | Kim Alvefur <zash@zash.se> | 2014-02-19 20:10:23 +0100 |
|---|---|---|
| committer | Kim Alvefur <zash@zash.se> | 2014-02-19 20:10:23 +0100 |
| commit | f27987785f1a4cce95652eb87eea5d2281d13d4d (patch) | |
| tree | 5110e98da3ce0b1a10fa2300eee28a6b6b566fe1 /plugins | |
| parent | 741b175347e86a18273060fc884b1d5c8899cc5e (diff) | |
| parent | e4186638c7e61215b1df2020a98ae5e7dce313f4 (diff) | |
| download | prosody-f27987785f1a4cce95652eb87eea5d2281d13d4d.tar.gz prosody-f27987785f1a4cce95652eb87eea5d2281d13d4d.zip | |
Merge 0.10->trunk
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/mod_auth_internal_hashed.lua | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index fb87bb9f..954392c9 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -7,6 +7,8 @@ -- COPYING file in the source package for more information. -- +local max = math.max; + local getAuthenticationDatabaseSHA1 = require "util.sasl.scram".getAuthenticationDatabaseSHA1; local usermanager = require "core.usermanager"; local generate_uuid = require "util.uuid".generate; @@ -39,7 +41,7 @@ end -- Default; can be set per-user -local iteration_count = 4096; +local default_iteration_count = 4096; -- define auth provider local provider = {}; @@ -80,8 +82,8 @@ function provider.set_password(username, password) log("debug", "set_password for username '%s'", username); local account = accounts:get(username); if account then - account.salt = account.salt or generate_uuid(); - account.iteration_count = account.iteration_count or iteration_count; + account.salt = generate_uuid(); + account.iteration_count = max(account.iteration_count or 0, default_iteration_count); local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, account.salt, account.iteration_count); local stored_key_hex = to_hex(stored_key); local server_key_hex = to_hex(server_key); @@ -113,10 +115,10 @@ function provider.create_user(username, password) return accounts:set(username, {}); end local salt = generate_uuid(); - local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, iteration_count); + local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, salt, default_iteration_count); local stored_key_hex = to_hex(stored_key); local server_key_hex = to_hex(server_key); - return accounts:set(username, {stored_key = stored_key_hex, server_key = server_key_hex, salt = salt, iteration_count = iteration_count}); + return accounts:set(username, {stored_key = stored_key_hex, server_key = server_key_hex, salt = salt, iteration_count = default_iteration_count}); end function provider.delete_user(username) |