25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-20 17:27:00 +01:00

Fix issue with ejabberd_xmlrpc user auth and SCRAM

After enabling SCRAM password hashing and SSL in ejabberd, XMLRPC ejabberdctl commands were resulting in errors like this:

	W(<0.2623.0>:ejabberd_xmlrpc:328) : Error -118
	A problem '{error,invalid_account_data}' occurred executing the command user_sessions_info with arguments

It seems that this because ejabberd_commands was using a different authentication check than everything else, which wasn't properly taking account for potential password hashing. (Note I'm not really sure what AccountPassMD5 is doing, but it seems to be different than the ejabberd_auth_internal's SCRAM hasing.)
This commit is contained in:
Steven Lehrburger 2012-09-18 08:02:47 +00:00 committed by Badlop
parent 2704378d43
commit 426f1107c5

View File

@ -382,10 +382,8 @@ check_auth(noauth) ->
check_auth({User, Server, Password}) ->
%% Check the account exists and password is valid
case ejabberd_auth:check_password(User, Server, Password) of
true ->
{ok, User, Server};
false ->
throw({error, invalid_account_data})
true -> {ok, User, Server};
_ -> throw({error, invalid_account_data})
end.
check_access(all, _) ->