Chapril/xmpp.chapril.org-ejabberd
24
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-06-24 22:25:47 +02:00
Code Releases Activity

Make convert_to_scram work with all backends

Browse Source
This commit is contained in:
Paweł Chmielowski 2019-11-27 10:35:52 +01:00
parent a9f3fd2179
commit 71c44bff8b
3 changed files with 25 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/ejabberd_admin.erl
View File

@ -269,12 +269,11 @@ get_commands_spec() ->
args_example = ["example.com"],
args = [{host, string}], result = {res, rescode}},
#ejabberd_commands{name = convert_to_scram, tags = [sql],
desc = "Convert the passwords in 'users' ODBC table to SCRAM",
module = ejabberd_auth_sql, function = convert_to_scram,
desc = "Convert the passwords of users to SCRAM",
module = ejabberd_auth, function = convert_to_scram,
args_desc = ["Vhost which users' passwords will be scrammed"],
args_example = ["example.com"],
args = [{host, binary}], result = {res, rescode}},
#ejabberd_commands{name = import_prosody, tags = [mnesia, sql],
desc = "Import data from Prosody",
longdesc = "Note: this method requires ejabberd compiled with optional tools support "

23
src/ejabberd_auth.erl
View File

@ -46,7 +46,7 @@
-export([init/1, handle_call/3, handle_cast/2, handle_info/2,
terminate/2, code_change/3]).
-export([auth_modules/1]).
-export([auth_modules/1, convert_to_scram/1]).
-include("scram.hrl").
-include("logger.hrl").
@ -915,3 +915,24 @@ import(Server, {sql, _}, mnesia, <<"users">>, Fields) ->
ejabberd_auth_mnesia:import(Server, Fields);
import(_LServer, {sql, _}, sql, <<"users">>, _) ->
ok.
-spec convert_to_scram(binary()) -> {error, any()} | ok.
convert_to_scram(Server) ->
LServer = jid:nameprep(Server),
if
LServer == error;
LServer == <<>> ->
{error, {incorrect_server_name, Server}};
true ->
lists:foreach(
fun({U, S}) ->
case get_password(U, S) of
Pass when is_binary(Pass) ->
SPass = password_to_scram(Pass),
set_password(U, S, SPass);
_ ->
ok
end
end, get_users(LServer)),
ok
end.

50
src/ejabberd_auth_sql.erl
View File

@ -33,7 +33,7 @@
-export([start/1, stop/1, set_password/3, try_register/3,
get_users/2, count_users/2, get_password/2,
remove_user/2, store_type/1, plain_password_required/1,
convert_to_scram/1, export/1, which_users_exists/2]).
export/1, which_users_exists/2]).
-include("scram.hrl").
-include("logger.hrl").
@ -269,54 +269,6 @@ which_users_exists(LServer, LUsers) ->
end
end.
convert_to_scram(Server) ->
LServer = jid:nameprep(Server),
if
LServer == error;
LServer == <<>> ->
{error, {incorrect_server_name, Server}};
true ->
F = fun () ->
BatchSize = ?BATCH_SIZE,
case ejabberd_sql:sql_query_t(
?SQL("select @(username)s, @(password)s"
" from users"
" where iterationcount=0 and %(LServer)H"
" limit %(BatchSize)d")) of
{selected, []} ->
ok;
{selected, Rs} ->
lists:foreach(
fun({LUser, Password}) ->
case jid:resourceprep(Password) of
error ->
?ERROR_MSG(
"SASLprep failed for "
"password of user ~ts@~ts",
[LUser, LServer]);
_ ->
Scram = ejabberd_auth:password_to_scram(Password),
set_password_scram_t(
LUser, LServer,
Scram#scram.storedkey,
Scram#scram.serverkey,
Scram#scram.salt,
Scram#scram.iterationcount)
end
end, Rs),
continue;
Err -> {bad_reply, Err}
end
end,
case ejabberd_sql:sql_transaction(LServer, F) of
{atomic, ok} -> ok;
{atomic, continue} -> convert_to_scram(Server);
{atomic, Error} -> {error, Error};
Error -> Error
end
end.
export(_Server) ->
[{passwd,
fun(Host, #passwd{us = {LUser, LServer}, password = Password})