yetangitu/ejabberd
1
0
Fork 0
mirror of https://github.com/processone/ejabberd synced 2025-10-03 09:49:18 +02:00
Code Issues Releases Wiki Activity

Fix authentication for usernames containing uppercase characters

Browse source 
Applies to authentication methods that compare User (normalized)
and AuthzId (was not being normalized). These are external, ldap & pam.

Fixes #2280
This commit is contained in:
Stu Tomlinson 2018-05-30 15:10:25 +01:00
parent 22d76659c0
commit 4f8af723c6
1 changed files with 13 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

23
src/ejabberd_auth.erl
View file

@ -230,19 +230,22 @@ check_password_with_authmodule(User, AuthzId, Server, Password) ->
check_password_with_authmodule(User, AuthzId, Server, Password, Digest, DigestGen) -> check_password_with_authmodule(User, AuthzId, Server, Password, Digest, DigestGen) ->
case validate_credentials(User, Server) of case validate_credentials(User, Server) of
{ok, LUser, LServer} -> {ok, LUser, LServer} ->
lists:foldl( case jid:nodeprep(AuthzId) of
fun(Mod, false) -> error ->
case db_check_password( false;
LUser, AuthzId, LServer, Password, LAuthzId ->
lists:foldl(
fun(Mod, false) ->
case db_check_password(
LUser, LAuthzId, LServer, Password,
Digest, DigestGen, Mod) of Digest, DigestGen, Mod) of
true -> {true, Mod}; true -> {true, Mod};
false -> false false -> false
end; end;
(_, Acc) -> (_, Acc) ->
Acc Acc
end, false, auth_modules(LServer)); end, false, auth_modules(LServer))
_ -> end
false
end. end.
-spec set_password(binary(), binary(), password()) -> ok | {error, atom()}. -spec set_password(binary(), binary(), password()) -> ok | {error, atom()}.