From 6a659d74753fceb4076ae05682916dd5244ac339 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= Date: Thu, 10 Dec 2020 14:00:13 +0100 Subject: [PATCH] Improve handling of old scram data in auth_mnesia --- src/ejabberd_auth_mnesia.erl | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/src/ejabberd_auth_mnesia.erl b/src/ejabberd_auth_mnesia.erl index 3537d741a..92d30891b 100644 --- a/src/ejabberd_auth_mnesia.erl +++ b/src/ejabberd_auth_mnesia.erl @@ -207,7 +207,8 @@ remove_user(User, Server) -> need_transform(#reg_users_counter{}) -> false; need_transform({passwd, {U, S}, Pass}) -> - if is_binary(Pass) -> + case Pass of + _ when is_binary(Pass) -> case store_type(S) of scram -> ?INFO_MSG("Passwords in Mnesia table 'passwd' " @@ -216,7 +217,7 @@ need_transform({passwd, {U, S}, Pass}) -> plain -> false end; - is_record(Pass, scram) -> + {scram, _, _, _, _} -> case store_type(S) of scram -> false; @@ -228,7 +229,19 @@ need_transform({passwd, {U, S}, Pass}) -> "would *fail*", []), false end; - is_list(U) orelse is_list(S) orelse is_list(Pass) -> + #scram{} -> + case store_type(S) of + scram -> + false; + plain -> + ?WARNING_MSG("Some passwords were stored in the database " + "as SCRAM, but 'auth_password_format' " + "is not configured as 'scram': some " + "authentication mechanisms such as DIGEST-MD5 " + "would *fail*", []), + false + end; + _ when is_list(U) orelse is_list(S) orelse is_list(Pass) -> ?INFO_MSG("Mnesia table 'passwd' will be converted to binary", []), true end. @@ -258,7 +271,7 @@ transform(#passwd{us = {U, S}, password = Password} = P) [U, S]), P; _ -> - Scram = ejabberd_auth:password_to_scram(global, Password), + Scram = ejabberd_auth:password_to_scram(S, Password), P#passwd{password = Scram} end; plain ->