From 392a5dc56c0fccbfe1a01d2cbafd95a405162b70 Mon Sep 17 00:00:00 2001 From: Tobias Markmann Date: Tue, 8 Jun 2010 14:54:47 +0200 Subject: mod_auth_internal_hashed: Store stored_key and server_key when setting a password. --- plugins/mod_auth_internal_hashed.lua | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'plugins/mod_auth_internal_hashed.lua') diff --git a/plugins/mod_auth_internal_hashed.lua b/plugins/mod_auth_internal_hashed.lua index 50e0e052..c1e56ab6 100644 --- a/plugins/mod_auth_internal_hashed.lua +++ b/plugins/mod_auth_internal_hashed.lua @@ -53,6 +53,8 @@ function new_hashpass_provider(host) return nil, "Auth failed. Stored salt and iteration count information is not complete."; end + if credentials.saltedPasswordSHA1 + local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count); local stored_key_hex = stored_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end); local server_key_hex = server_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end); @@ -75,10 +77,13 @@ function new_hashpass_provider(host) if account.salt == nil then account.salt = generate_uuid(); end - - local valid, binpass = saltedPasswordSHA1(password, account.salt, account.iteration_count); - local hexpass = binpass:gsub(".", function (c) return ("%02x"):format(c:byte()); end); - account.hashpass = hexpass; + + local valid, stored_key, server_key = getAuthenticationDatabaseSHA1(password, credentials.salt, credentials.iteration_count); + local stored_key_hex = stored_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end); + local server_key_hex = server_key:gsub(".", function (c) return ("%02x"):format(c:byte()); end); + + account.stored_key = stored_key_hex + account.server_key = server_key_hex account.password = nil; return datamanager.store(username, host, "accounts", account); -- cgit v1.2.3