25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-28 16:34:13 +01:00

Fix authentication for usernames containing uppercase characters

Applies to authentication methods that compare User (normalized)
and AuthzId (was not being normalized). These are external, ldap & pam.

Fixes #2280
This commit is contained in:
Stu Tomlinson 2018-05-30 15:10:25 +01:00
parent 22d76659c0
commit 4f8af723c6

View File

@ -230,19 +230,22 @@ check_password_with_authmodule(User, AuthzId, Server, Password) ->
check_password_with_authmodule(User, AuthzId, Server, Password, Digest, DigestGen) -> check_password_with_authmodule(User, AuthzId, Server, Password, Digest, DigestGen) ->
case validate_credentials(User, Server) of case validate_credentials(User, Server) of
{ok, LUser, LServer} -> {ok, LUser, LServer} ->
case jid:nodeprep(AuthzId) of
error ->
false;
LAuthzId ->
lists:foldl( lists:foldl(
fun(Mod, false) -> fun(Mod, false) ->
case db_check_password( case db_check_password(
LUser, AuthzId, LServer, Password, LUser, LAuthzId, LServer, Password,
Digest, DigestGen, Mod) of Digest, DigestGen, Mod) of
true -> {true, Mod}; true -> {true, Mod};
false -> false false -> false
end; end;
(_, Acc) -> (_, Acc) ->
Acc Acc
end, false, auth_modules(LServer)); end, false, auth_modules(LServer))
_ -> end
false
end. end.
-spec set_password(binary(), binary(), password()) -> ok | {error, atom()}. -spec set_password(binary(), binary(), password()) -> ok | {error, atom()}.