mirror of
https://github.com/processone/ejabberd.git
synced 2024-12-20 17:27:00 +01:00
Fix issue with ejabberd_xmlrpc user auth and SCRAM
After enabling SCRAM password hashing and SSL in ejabberd, XMLRPC ejabberdctl commands were resulting in errors like this: W(<0.2623.0>:ejabberd_xmlrpc:328) : Error -118 A problem '{error,invalid_account_data}' occurred executing the command user_sessions_info with arguments It seems that this because ejabberd_commands was using a different authentication check than everything else, which wasn't properly taking account for potential password hashing. (Note I'm not really sure what AccountPassMD5 is doing, but it seems to be different than the ejabberd_auth_internal's SCRAM hasing.)
This commit is contained in:
parent
2704378d43
commit
426f1107c5
@ -382,10 +382,8 @@ check_auth(noauth) ->
|
||||
check_auth({User, Server, Password}) ->
|
||||
%% Check the account exists and password is valid
|
||||
case ejabberd_auth:check_password(User, Server, Password) of
|
||||
true ->
|
||||
{ok, User, Server};
|
||||
false ->
|
||||
throw({error, invalid_account_data})
|
||||
true -> {ok, User, Server};
|
||||
_ -> throw({error, invalid_account_data})
|
||||
end.
|
||||
|
||||
check_access(all, _) ->
|
||||
|
Loading…
Reference in New Issue
Block a user