From 4dd9af8f06977e03f4c80c4a9ebed46c7f22a7af Mon Sep 17 00:00:00 2001 From: Shivaram Lingamneni Date: Mon, 2 Aug 2021 12:26:58 -0400 Subject: [PATCH] add autogeneration of SCRAM credentials on successful PLAIN --- irc/accounts.go | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/irc/accounts.go b/irc/accounts.go index b1056969..72442dca 100644 --- a/irc/accounts.go +++ b/irc/accounts.go @@ -1113,6 +1113,11 @@ func (am *AccountManager) checkPassphrase(accountName, passphrase string) (accou if passwd.CompareHashAndPassword(account.Credentials.PassphraseHash, []byte(passphrase)) != nil { err = errAccountInvalidCredentials } + if err == nil && account.Credentials.SCRAMCreds.Iters == 0 { + // XXX: if the account was created prior to 2.8, it doesn't have SCRAM credentials; + // since we temporarily have access to a valid plaintext password, create them: + am.rehashPassword(account.Name, passphrase) + } case -1: err = am.checkLegacyPassphrase(migrations.CheckAthemePassphrase, accountName, account.Credentials.PassphraseHash, passphrase) case -2: @@ -1132,13 +1137,17 @@ func (am *AccountManager) checkLegacyPassphrase(check migrations.PassphraseCheck return errAccountInvalidCredentials } // re-hash the passphrase with the latest algorithm - err = am.setPassword(account, passphrase, true) - if err != nil { - am.server.logger.Error("internal", "could not upgrade user password", err.Error()) - } + am.rehashPassword(account, passphrase) return nil } +func (am *AccountManager) rehashPassword(accountName, passphrase string) { + err := am.setPassword(accountName, passphrase, true) + if err != nil { + am.server.logger.Error("internal", "could not upgrade user password", accountName, err.Error()) + } +} + func (am *AccountManager) loadWithAutocreation(accountName string, autocreate bool) (account ClientAccount, err error) { account, err = am.LoadAccount(accountName) if err == errAccountDoesNotExist && autocreate {