aboutsummaryrefslogtreecommitdiffstats
path: root/core
diff options
context:
space:
mode:
Diffstat (limited to 'core')
-rw-r--r--core/s2smanager.lua4
-rw-r--r--core/usermanager.lua11
2 files changed, 5 insertions, 10 deletions
diff --git a/core/s2smanager.lua b/core/s2smanager.lua
index c584e78b..1cd40aa8 100644
--- a/core/s2smanager.lua
+++ b/core/s2smanager.lua
@@ -21,7 +21,7 @@ local logger_init = require "util.logger".init;
local log = logger_init("s2smanager");
-local md5_hash = require "util.hashes".md5;
+local sha256_hash = require "util.hashes".sha256;
local dialback_secret = "This is very secret!!! Ha!";
@@ -210,7 +210,7 @@ function initiate_dialback(session)
end
function generate_dialback(id, to, from)
- return md5_hash(id..to..from..dialback_secret); -- FIXME: See XEP-185 and XEP-220
+ return sha256_hash(id..to..from..dialback_secret, true);
end
function verify_dialback(id, to, from, key)
diff --git a/core/usermanager.lua b/core/usermanager.lua
index 808faf71..a5229f38 100644
--- a/core/usermanager.lua
+++ b/core/usermanager.lua
@@ -19,15 +19,12 @@ function validate_credentials(host, username, password, method)
end
end
-- must do md5
- if not hashes.md5 then
- return nil, "Server misconfiguration, the md5 library is not available.";
- end
-- make credentials md5
local pwd = credentials.password;
- if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd); end
+ if not pwd then pwd = credentials.md5; else pwd = hashes.md5(pwd, true); end
-- make password md5
if method == "PLAIN" then
- password = hashes.md5(password or "");
+ password = hashes.md5(password or "", true);
elseif method ~= "DIGEST-MD5" then
return nil, "Unsupported auth method";
end
@@ -49,9 +46,7 @@ end
function get_supported_methods(host)
local methods = {["PLAIN"] = true}; -- TODO this should be taken from the config
- if hashes.md5 then
- methods["DIGEST-MD5"] = true;
- end
+ methods["DIGEST-MD5"] = true;
return methods;
end