GitHub/ergo
3
0
Fork 0
mirror of https://github.com/ergochat/ergo.git synced 2025-02-19 15:10:42 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #1765 from slingamn/autorehash

Browse Source 
add autogeneration of SCRAM credentials on successful PLAIN
This commit is contained in:
Shivaram Lingamneni 2021-08-03 00:40:47 -04:00 committed by GitHub
commit 941c12244f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
irc/accounts.go
View File

@ -1113,6 +1113,11 @@ func (am *AccountManager) checkPassphrase(accountName, passphrase string) (accou
if passwd.CompareHashAndPassword(account.Credentials.PassphraseHash, []byte(passphrase)) != nil { if passwd.CompareHashAndPassword(account.Credentials.PassphraseHash, []byte(passphrase)) != nil {
err = errAccountInvalidCredentials err = errAccountInvalidCredentials
} }
if err == nil && account.Credentials.SCRAMCreds.Iters == 0 {
// XXX: if the account was created prior to 2.8, it doesn't have SCRAM credentials;
// since we temporarily have access to a valid plaintext password, create them:
am.rehashPassword(account.Name, passphrase)
}
case -1: case -1:
err = am.checkLegacyPassphrase(migrations.CheckAthemePassphrase, accountName, account.Credentials.PassphraseHash, passphrase) err = am.checkLegacyPassphrase(migrations.CheckAthemePassphrase, accountName, account.Credentials.PassphraseHash, passphrase)
case -2: case -2:
@ -1132,13 +1137,17 @@ func (am *AccountManager) checkLegacyPassphrase(check migrations.PassphraseCheck
return errAccountInvalidCredentials return errAccountInvalidCredentials
} }
// re-hash the passphrase with the latest algorithm // re-hash the passphrase with the latest algorithm
err = am.setPassword(account, passphrase, true) am.rehashPassword(account, passphrase)
if err != nil {
am.server.logger.Error("internal", "could not upgrade user password", err.Error())
}
return nil return nil
} }
func (am *AccountManager) rehashPassword(accountName, passphrase string) {
err := am.setPassword(accountName, passphrase, true)
if err != nil {
am.server.logger.Error("internal", "could not upgrade user password", accountName, err.Error())
}
}
func (am *AccountManager) loadWithAutocreation(accountName string, autocreate bool) (account ClientAccount, err error) { func (am *AccountManager) loadWithAutocreation(accountName string, autocreate bool) (account ClientAccount, err error) {
account, err = am.LoadAccount(accountName) account, err = am.LoadAccount(accountName)
if err == errAccountDoesNotExist && autocreate { if err == errAccountDoesNotExist && autocreate {