25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-12-24 17:29:28 +01:00

Fix authentication for usernames containing uppercase characters

Applies to authentication methods that compare User (normalized)
and AuthzId (was not being normalized). These are external, ldap & pam.

Fixes #2280
This commit is contained in:
Stu Tomlinson 2018-05-30 15:10:25 +01:00
parent 22d76659c0
commit 4f8af723c6

View File

@ -230,19 +230,22 @@ check_password_with_authmodule(User, AuthzId, Server, Password) ->
check_password_with_authmodule(User, AuthzId, Server, Password, Digest, DigestGen) ->
case validate_credentials(User, Server) of
{ok, LUser, LServer} ->
lists:foldl(
fun(Mod, false) ->
case db_check_password(
LUser, AuthzId, LServer, Password,
case jid:nodeprep(AuthzId) of
error ->
false;
LAuthzId ->
lists:foldl(
fun(Mod, false) ->
case db_check_password(
LUser, LAuthzId, LServer, Password,
Digest, DigestGen, Mod) of
true -> {true, Mod};
false -> false
end;
(_, Acc) ->
Acc
end, false, auth_modules(LServer));
_ ->
false
end;
(_, Acc) ->
Acc
end, false, auth_modules(LServer))
end
end.
-spec set_password(binary(), binary(), password()) -> ok | {error, atom()}.