diff options
-rw-r--r-- | DEPENDS | 1 | ||||
-rw-r--r-- | core/s2smanager.lua | 4 | ||||
-rw-r--r-- | core/usermanager.lua | 11 | ||||
-rw-r--r-- | plugins/mod_saslauth.lua | 5 | ||||
-rw-r--r-- | util-src/Makefile | 4 | ||||
-rw-r--r-- | util-src/make.bat | 1 | ||||
-rw-r--r-- | util/dependencies.lua | 8 | ||||
-rw-r--r-- | util/hashes.lua | 30 | ||||
-rw-r--r-- | util/sasl.lua | 14 |
9 files changed, 16 insertions, 62 deletions
@@ -3,7 +3,6 @@ The easiest way to install dependencies is using the luarocks tool. Rocks: luaexpat luasocket -lbase64 Non-rocks: LuaSec for SSL connections diff --git a/core/s2smanager.lua b/core/s2smanager.lua index c584e78b..1cd40aa8 100644 --- a/core/s2smanager.lua +++ b/core/s2smanager.lua @@ -21,7 +21,7 @@ local logger_init = require "util.logger".init; local log = logger_init("s2smanager"); -local md5_hash = require "util.hashes".md5; +local sha256_hash = require "util.hashes".sha256; local dialback_secret = "This is very secret!!! Ha!"; @@ -210,7 +210,7 @@ function initiate_dialback(session) end function generate_dialback(id, to, from) - return md5_hash(id..to..from..dialback_secret); -- FIXME: See XEP-185 and XEP-220 + return sha256_hash(id..to..from..dialback_secret, true); end function verify_dialback(id, to, from, key) diff --git a/core/usermanager.lua b/core/usermanager.lua index 808faf71..a5229f38 100644 --- a/core/usermanager.lua +++ b/core/usermanager.lua @@ -19,15 +19,12 @@ function validate_credentials(host, username, password, method) end end -- must do md5 - if not hashes.md5 then - return nil, "Server misconfiguration, the md5 library is not available."; - end -- make credentials md5 local pwd = credentials.password; - if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd); end + if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd, true); end -- make password md5 if method == "PLAIN" then - password = hashes.md5(password or ""); + password = hashes.md5(password or "", true); elseif method ~= "DIGEST-MD5" then return nil, "Unsupported auth method"; end @@ -49,9 +46,7 @@ end function get_supported_methods(host) local methods = {["PLAIN"] = true}; -- TODO this should be taken from the config - if hashes.md5 then - methods["DIGEST-MD5"] = true; - end + methods["DIGEST-MD5"] = true; return methods; end diff --git a/plugins/mod_saslauth.lua b/plugins/mod_saslauth.lua index f549d0b9..616c5118 100644 --- a/plugins/mod_saslauth.lua +++ b/plugins/mod_saslauth.lua @@ -2,12 +2,13 @@ local st = require "util.stanza"; local sm_bind_resource = require "core.sessionmanager".bind_resource; local jid -local base64 = require "base64" +local base64 = require "util.encodings".base64; local usermanager_validate_credentials = require "core.usermanager".validate_credentials; local t_concat, t_insert = table.concat, table.insert; local tostring = tostring; local jid_split = require "util.jid".split +local md5 = require "util.hashes".md5; local log = require "util.logger".init("mod_saslauth"); @@ -50,7 +51,7 @@ local function password_callback(node, host, mechanism) if mechanism == "PLAIN" then return func, password; elseif mechanism == "DIGEST-MD5" then - return func, require "md5".sum(node..":"..host..":"..password); + return func, md5(node..":"..host..":"..password); end end return func, nil; diff --git a/util-src/Makefile b/util-src/Makefile index 205e51d2..a4901c95 100644 --- a/util-src/Makefile +++ b/util-src/Makefile @@ -1,7 +1,4 @@ -!IFDEF WINDIR -!INCLUDE Makefile.win -!ELSE LUA_INCLUDE=/usr/include/lua5.1 LUA_LIB=lua5.1 @@ -26,4 +23,3 @@ encodings.so: encodings.c hashes.so: hashes.c gcc -shared hashes.c -I$(LUA_INCLUDE) -l$(LUA_LIB) -l$(OPENSSL_LIB) -o hashes.so -!ENDIF diff --git a/util-src/make.bat b/util-src/make.bat new file mode 100644 index 00000000..07858296 --- /dev/null +++ b/util-src/make.bat @@ -0,0 +1 @@ +@nmake /nologo /f Makefile.win %*
\ No newline at end of file diff --git a/util/dependencies.lua b/util/dependencies.lua index 3213a356..682afd15 100644 --- a/util/dependencies.lua +++ b/util/dependencies.lua @@ -43,12 +43,4 @@ if not ssl then end -local md5 = softreq "md5"; - -if not md5 then - missingdep("MD5", { ["luarocks"] = "luarocks install md5"; ["Source"] = "http://luaforge.net/frs/?group_id=155" }); - fatal = true; -end - - if fatal then os.exit(1); end diff --git a/util/hashes.lua b/util/hashes.lua deleted file mode 100644 index 2fd0fbd8..00000000 --- a/util/hashes.lua +++ /dev/null @@ -1,30 +0,0 @@ - -local softreq = function (...) local ok, lib = pcall(require, ...); if ok then return lib; else return nil; end end -local error = error; - -module "hashes" - -local md5 = softreq("md5"); -if md5 then - if md5.digest then - local md5_digest = md5.digest; - local sha1_digest = sha1.digest; - function _M.md5(input) - return md5_digest(input); - end - function _M.sha1(input) - return sha1_digest(input); - end - elseif md5.sumhexa then - local md5_sumhexa = md5.sumhexa; - function _M.md5(input) - return md5_sumhexa(input); - end - else - error("md5 library found, but unrecognised... no hash functions will be available", 0); - end -else - error("No md5 library found. Install md5 using luarocks, for example", 0); -end - -return _M; diff --git a/util/sasl.lua b/util/sasl.lua index 7cabd8b3..001f40fb 100644 --- a/util/sasl.lua +++ b/util/sasl.lua @@ -1,5 +1,5 @@ -local md5 = require "md5" +local md5 = require "util.hashes".md5; local log = require "util.logger".init("sasl"); local tostring = tostring; local st = require "util.stanza"; @@ -132,21 +132,21 @@ local function new_digest_md5(realm, password_handler) local A1 = Y..":"..response["nonce"]..":"..response["cnonce"]--:authzid local A2 = "AUTHENTICATE:"..protocol.."/"..domain - local HA1 = md5.sumhexa(A1) - local HA2 = md5.sumhexa(A2) + local HA1 = md5(A1, true) + local HA2 = md5(A2, true) local KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 - local response_value = md5.sumhexa(KD) + local response_value = md5(KD, true) if response_value == response["response"] then -- calculate rspauth A2 = ":"..protocol.."/"..domain - HA1 = md5.sumhexa(A1) - HA2 = md5.sumhexa(A2) + HA1 = md5(A1, true) + HA2 = md5(A2, true) KD = HA1..":"..response["nonce"]..":"..response["nc"]..":"..response["cnonce"]..":"..response["qop"]..":"..HA2 - local rspauth = md5.sumhexa(KD) + local rspauth = md5(KD, true) self.authenticated = true return "challenge", serialize({rspauth = rspauth}) else |