From b4ea1625e41310c4e25eaa13982a7d313089107d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Chmielowski?= Date: Thu, 22 Oct 2020 11:09:14 +0200 Subject: [PATCH] Don't use same value in cache for user don't exist and wrong password By doing this check_password that returned info about mismatched password caused user_exists checks performed after that to return wrongly that account doesn't exist. --- src/ejabberd_auth.erl | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/src/ejabberd_auth.erl b/src/ejabberd_auth.erl index 9623dc96e..112d677be 100644 --- a/src/ejabberd_auth.erl +++ b/src/ejabberd_auth.erl @@ -605,6 +605,7 @@ db_get_password(User, Server, Mod) -> false when UseCache -> case ets_cache:lookup(cache_tab(Mod), {User, Server}) of {ok, exists} -> error; + not_found -> error; Other -> Other end; false -> @@ -621,20 +622,29 @@ db_user_exists(User, Server, Mod) -> case db_get_password(User, Server, Mod) of {ok, _} -> true; + not_found -> + false; error -> case {Mod:store_type(Server), use_cache(Mod, Server)} of {external, true} -> - case ets_cache:lookup( - cache_tab(Mod), {User, Server}, - fun() -> - case Mod:user_exists(User, Server) of - {CacheTag, true} -> {CacheTag, {ok, exists}}; - {CacheTag, false} -> {CacheTag, error}; - {_, {error, _}} = Err -> Err - end - end) of + Val = case ets_cache:lookup(cache_tab(Mod), {User, Server}, error) of + error -> + ets_cache:update(cache_tab(Mod), {User, Server}, {ok, exists}, + fun() -> + case Mod:user_exists(User, Server) of + {CacheTag, true} -> {CacheTag, {ok, exists}}; + {CacheTag, false} -> {CacheTag, not_found}; + {_, {error, _}} = Err -> Err + end + end); + Other -> + Other + end, + case Val of {ok, _} -> true; + not_found -> + false; error -> false; {error, _} = Err ->