Chapril/xmpp.chapril.org-ejabberd
24
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-06-02 21:17:12 +02:00
Code Releases Activity

allow using hashes from "crypto" applications in mod_admin_extra

Browse Source
This commit is contained in:
oxpa 2018-03-02 04:10:30 -09:00
parent dbf1cabdcd
commit f2a3118ecc
1 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/mod_admin_extra.erl
View File

@ -225,7 +225,7 @@ get_commands_spec() ->
result_desc = "Status code: 0 on success, 1 otherwise"}, result_desc = "Status code: 0 on success, 1 otherwise"},
#ejabberd_commands{name = check_password_hash, tags = [accounts], #ejabberd_commands{name = check_password_hash, tags = [accounts],
desc = "Check if the password hash is correct", desc = "Check if the password hash is correct",
longdesc = "Allowed hash methods: md5, sha.", longdesc = "Allows hash methods from crypto application",
module = ?MODULE, function = check_password_hash, module = ?MODULE, function = check_password_hash,
args = [{user, binary}, {host, binary}, {passwordhash, binary}, args = [{user, binary}, {host, binary}, {passwordhash, binary},
{hashmethod, binary}], {hashmethod, binary}],
@ -822,13 +822,15 @@ check_password(User, Host, Password) ->
%% Copied some code from ejabberd_commands.erl %% Copied some code from ejabberd_commands.erl
check_password_hash(User, Host, PasswordHash, HashMethod) -> check_password_hash(User, Host, PasswordHash, HashMethod) ->
AccountPass = ejabberd_auth:get_password_s(User, Host), AccountPass = ejabberd_auth:get_password_s(User, Host),
AccountPassHash = case {AccountPass, HashMethod} of Methods = lists:map(fun(A) -> atom_to_binary(A, latin1) end,
proplists:get_value(hashs, crypto:supports())),
MethodAllowed = lists:member(HashMethod, Methods),
AccountPassHash = case {AccountPass, MethodAllowed} of
{A, _} when is_tuple(A) -> scrammed; {A, _} when is_tuple(A) -> scrammed;
{_, <<"md5">>} -> get_md5(AccountPass); {_, true} -> get_hash(AccountPass, HashMethod);
{_, <<"sha">>} -> get_sha(AccountPass); {_, false} ->
{_, Method} ->
?ERROR_MSG("check_password_hash called " ?ERROR_MSG("check_password_hash called "
"with hash method: ~p", [Method]), "with hash method: ~p", [HashMethod]),
undefined undefined
end, end,
case AccountPassHash of case AccountPassHash of
@ -839,12 +841,11 @@ check_password_hash(User, Host, PasswordHash, HashMethod) ->
PasswordHash -> ok; PasswordHash -> ok;
_ -> false _ -> false
end. end.
get_md5(AccountPass) ->
get_hash(AccountPass, Method) ->
iolist_to_binary([io_lib:format("~2.16.0B", [X]) iolist_to_binary([io_lib:format("~2.16.0B", [X])
|| X <- binary_to_list(erlang:md5(AccountPass))]). || X <- binary_to_list(
get_sha(AccountPass) -> crypto:hash(binary_to_atom(Method, latin1), AccountPass))]).
iolist_to_binary([io_lib:format("~2.16.0B", [X])
|| X <- binary_to_list(crypto:hash(sha, AccountPass))]).
num_active_users(Host, Days) -> num_active_users(Host, Days) ->
DB_Type = gen_mod:get_module_opt(Host, mod_last, db_type), DB_Type = gen_mod:get_module_opt(Host, mod_last, db_type),