From 7d767fac7fdb395b609ff07cab6b1d5eb223ae88 Mon Sep 17 00:00:00 2001
From: Badlop <badlop@process-one.net>
Date: Mon, 20 Feb 2017 12:47:56 +0100
Subject: [PATCH] Support scrammed passwords in ejabberdctl import_prosody
 (#1549)

---
 src/ejabberd_auth_mnesia.erl |  2 +-
 src/ejabberd_auth_riak.erl   |  2 +-
 src/ejabberd_auth_sql.erl    |  7 +++++--
 src/prosody2ejabberd.erl     | 19 ++++++++++++++++++-
 4 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/src/ejabberd_auth_mnesia.erl b/src/ejabberd_auth_mnesia.erl
index a4e9c1f89..3145d90ca 100644
--- a/src/ejabberd_auth_mnesia.erl
+++ b/src/ejabberd_auth_mnesia.erl
@@ -174,7 +174,7 @@ try_register(User, Server, PasswordList) ->
     US = {LUser, LServer},
     if (LUser == error) or (LServer == error) ->
 	   {error, invalid_jid};
-       LPassword == error ->
+       (LPassword == error) and not is_record(Password, scram) ->
 	   {error, invalid_password};
        true ->
 	   F = fun () ->
diff --git a/src/ejabberd_auth_riak.erl b/src/ejabberd_auth_riak.erl
index df3321332..6067c35ed 100644
--- a/src/ejabberd_auth_riak.erl
+++ b/src/ejabberd_auth_riak.erl
@@ -148,7 +148,7 @@ try_register(User, Server, PasswordList) ->
     US = {LUser, LServer},
     if (LUser == error) or (LServer == error) ->
 	   {error, invalid_jid};
-       LPassword == error ->
+       LPassword == error and not is_record(Password, scram) ->
 	   {error, invalid_password};
        true ->
             case ejabberd_riak:get(passwd, passwd_schema(), US) of
diff --git a/src/ejabberd_auth_sql.erl b/src/ejabberd_auth_sql.erl
index 4228b3345..d8fc61703 100644
--- a/src/ejabberd_auth_sql.erl
+++ b/src/ejabberd_auth_sql.erl
@@ -201,12 +201,15 @@ try_register(User, Server, Password) ->
             {error, invalid_jid};
        (LUser == <<>>) or (LServer == <<>>) ->
             {error, invalid_jid};
-       LPassword == error ->
+       LPassword == error and not is_record(Password, scram) ->
 	   {error, invalid_password};
        true ->
             case is_scrammed() of
                 true ->
-                    Scram = password_to_scram(Password),
+                    Scram = case is_record(Password, scram) of
+                        true -> Password;
+                        false -> password_to_scram(Password)
+                    end,
                     case catch sql_queries:add_user_scram(
                                  LServer,
                                  LUser,
diff --git a/src/prosody2ejabberd.erl b/src/prosody2ejabberd.erl
index afb714d9b..881a5b3e7 100644
--- a/src/prosody2ejabberd.erl
+++ b/src/prosody2ejabberd.erl
@@ -109,8 +109,25 @@ eval_file(Path) ->
 	    Err
     end.
 
+maybe_get_scram_auth(Data) ->
+    case proplists:get_value(<<"iteration_count">>, Data, no_ic) of
+	IC when is_float(IC) -> %% A float like 4096.0 is read
+	    #scram{
+		storedkey = proplists:get_value(<<"stored_key">>, Data, <<"">>),
+		serverkey = proplists:get_value(<<"server_key">>, Data, <<"">>),
+		salt = proplists:get_value(<<"salt">>, Data, <<"">>),
+		iterationcount = round(IC)
+	    };
+	_ -> <<"">>
+    end.
+
 convert_data(Host, "accounts", User, [Data]) ->
-    Password = proplists:get_value(<<"password">>, Data, <<>>),
+    Password = case proplists:get_value(<<"password">>, Data, no_pass) of
+	no_pass ->
+	    maybe_get_scram_auth(Data);
+	Pass when is_binary(Pass) ->
+	    Pass
+    end,
     case ejabberd_auth:try_register(User, Host, Password) of
 	{atomic, ok} ->
 	    ok;