mirror of
https://github.com/processone/ejabberd.git
synced 2025-01-01 17:53:00 +01:00
Make convert_to_scram work with all backends
This commit is contained in:
parent
a9f3fd2179
commit
71c44bff8b
@ -269,12 +269,11 @@ get_commands_spec() ->
|
||||
args_example = ["example.com"],
|
||||
args = [{host, string}], result = {res, rescode}},
|
||||
#ejabberd_commands{name = convert_to_scram, tags = [sql],
|
||||
desc = "Convert the passwords in 'users' ODBC table to SCRAM",
|
||||
module = ejabberd_auth_sql, function = convert_to_scram,
|
||||
desc = "Convert the passwords of users to SCRAM",
|
||||
module = ejabberd_auth, function = convert_to_scram,
|
||||
args_desc = ["Vhost which users' passwords will be scrammed"],
|
||||
args_example = ["example.com"],
|
||||
args = [{host, binary}], result = {res, rescode}},
|
||||
|
||||
#ejabberd_commands{name = import_prosody, tags = [mnesia, sql],
|
||||
desc = "Import data from Prosody",
|
||||
longdesc = "Note: this method requires ejabberd compiled with optional tools support "
|
||||
|
@ -46,7 +46,7 @@
|
||||
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
|
||||
terminate/2, code_change/3]).
|
||||
|
||||
-export([auth_modules/1]).
|
||||
-export([auth_modules/1, convert_to_scram/1]).
|
||||
|
||||
-include("scram.hrl").
|
||||
-include("logger.hrl").
|
||||
@ -915,3 +915,24 @@ import(Server, {sql, _}, mnesia, <<"users">>, Fields) ->
|
||||
ejabberd_auth_mnesia:import(Server, Fields);
|
||||
import(_LServer, {sql, _}, sql, <<"users">>, _) ->
|
||||
ok.
|
||||
|
||||
-spec convert_to_scram(binary()) -> {error, any()} | ok.
|
||||
convert_to_scram(Server) ->
|
||||
LServer = jid:nameprep(Server),
|
||||
if
|
||||
LServer == error;
|
||||
LServer == <<>> ->
|
||||
{error, {incorrect_server_name, Server}};
|
||||
true ->
|
||||
lists:foreach(
|
||||
fun({U, S}) ->
|
||||
case get_password(U, S) of
|
||||
Pass when is_binary(Pass) ->
|
||||
SPass = password_to_scram(Pass),
|
||||
set_password(U, S, SPass);
|
||||
_ ->
|
||||
ok
|
||||
end
|
||||
end, get_users(LServer)),
|
||||
ok
|
||||
end.
|
||||
|
@ -33,7 +33,7 @@
|
||||
-export([start/1, stop/1, set_password/3, try_register/3,
|
||||
get_users/2, count_users/2, get_password/2,
|
||||
remove_user/2, store_type/1, plain_password_required/1,
|
||||
convert_to_scram/1, export/1, which_users_exists/2]).
|
||||
export/1, which_users_exists/2]).
|
||||
|
||||
-include("scram.hrl").
|
||||
-include("logger.hrl").
|
||||
@ -269,54 +269,6 @@ which_users_exists(LServer, LUsers) ->
|
||||
end
|
||||
end.
|
||||
|
||||
|
||||
convert_to_scram(Server) ->
|
||||
LServer = jid:nameprep(Server),
|
||||
if
|
||||
LServer == error;
|
||||
LServer == <<>> ->
|
||||
{error, {incorrect_server_name, Server}};
|
||||
true ->
|
||||
F = fun () ->
|
||||
BatchSize = ?BATCH_SIZE,
|
||||
case ejabberd_sql:sql_query_t(
|
||||
?SQL("select @(username)s, @(password)s"
|
||||
" from users"
|
||||
" where iterationcount=0 and %(LServer)H"
|
||||
" limit %(BatchSize)d")) of
|
||||
{selected, []} ->
|
||||
ok;
|
||||
{selected, Rs} ->
|
||||
lists:foreach(
|
||||
fun({LUser, Password}) ->
|
||||
case jid:resourceprep(Password) of
|
||||
error ->
|
||||
?ERROR_MSG(
|
||||
"SASLprep failed for "
|
||||
"password of user ~ts@~ts",
|
||||
[LUser, LServer]);
|
||||
_ ->
|
||||
Scram = ejabberd_auth:password_to_scram(Password),
|
||||
set_password_scram_t(
|
||||
LUser, LServer,
|
||||
Scram#scram.storedkey,
|
||||
Scram#scram.serverkey,
|
||||
Scram#scram.salt,
|
||||
Scram#scram.iterationcount)
|
||||
end
|
||||
end, Rs),
|
||||
continue;
|
||||
Err -> {bad_reply, Err}
|
||||
end
|
||||
end,
|
||||
case ejabberd_sql:sql_transaction(LServer, F) of
|
||||
{atomic, ok} -> ok;
|
||||
{atomic, continue} -> convert_to_scram(Server);
|
||||
{atomic, Error} -> {error, Error};
|
||||
Error -> Error
|
||||
end
|
||||
end.
|
||||
|
||||
export(_Server) ->
|
||||
[{passwd,
|
||||
fun(Host, #passwd{us = {LUser, LServer}, password = Password})
|
||||
|
Loading…
Reference in New Issue
Block a user