diff options
| author | Steven Lehrburger <lehrburger@gmail.com> | 2012-09-18 12:02:47 +0400 |
|---|---|---|
| committer | Badlop <badlop@process-one.net> | 2013-02-04 15:57:56 +0400 |
| commit | 426f1107c526caaad1d1dd1438f4a935fab9fc63 (patch) | |
| tree | 1f21160167d7a27b12d7a14d74f1deea4c29b9c0 | |
| parent | 2704378d43035474c5f3d8a656b81c7bc28b5ff9 (diff) | |
Fix issue with ejabberd_xmlrpc user auth and SCRAM
After enabling SCRAM password hashing and SSL in ejabberd, XMLRPC ejabberdctl commands were resulting in errors like this:
W(<0.2623.0>:ejabberd_xmlrpc:328) : Error -118
A problem '{error,invalid_account_data}' occurred executing the command user_sessions_info with arguments
It seems that this because ejabberd_commands was using a different authentication check than everything else, which wasn't properly taking account for potential password hashing. (Note I'm not really sure what AccountPassMD5 is doing, but it seems to be different than the ejabberd_auth_internal's SCRAM hasing.)
| -rw-r--r-- | src/ejabberd_commands.erl | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/ejabberd_commands.erl b/src/ejabberd_commands.erl index 1cb73d811..b61ef46de 100644 --- a/src/ejabberd_commands.erl +++ b/src/ejabberd_commands.erl @@ -382,10 +382,8 @@ check_auth(noauth) -> check_auth({User, Server, Password}) -> %% Check the account exists and password is valid case ejabberd_auth:check_password(User, Server, Password) of - true -> - {ok, User, Server}; - false -> - throw({error, invalid_account_data}) + true -> {ok, User, Server}; + _ -> throw({error, invalid_account_data}) end. check_access(all, _) -> |