* src/ejabberd_auth.erl: Do not allow empty password at creation. On authent, check in all cases that password is not empty.

* src/ejabberd_auth_odbc.erl: Likewise * src/ejabberd_auth_internal.erl: Likewise * src/ejabberd_auth_external.erl: Likewise SVN Revision: 1183
author: Mickaël Rémond <mickael.remond@process-one.net> 2008-02-11 21:19:42 +0300
committer: Mickaël Rémond <mickael.remond@process-one.net> 2008-02-11 21:19:42 +0300
commit: 0ae7f15ce7c6ea652333d8987c820415b17c3794 (patch)
tree: c5ea972a81ffca34b879b6700708b754f90ef8d0 /src/ejabberd_auth.erl
parent: 4b5632a2602f9795a246a346d22c3cbf33bd3411 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/src/ejabberd_auth.erl b/src/ejabberd_auth.erl
index f791c6063..62282957e 100644
--- a/src/ejabberd_auth.erl
+++ b/src/ejabberd_auth.erl
@@ -85,6 +85,9 @@ check_password(User, Server, Password, StreamID, Digest) ->
 	      M:check_password(User, Server, Password, StreamID, Digest)
       end, auth_modules(Server)).
 
+%% We do not allow empty password:
+set_password(_User, _Server, "") ->
+    {error, not_allowed};
 set_password(User, Server, Password) ->
     lists:foldl(
       fun(M, {error, _}) ->
@@ -93,6 +96,9 @@ set_password(User, Server, Password) ->
 	      Res
       end, {error, not_allowed}, auth_modules(Server)).
 
+%% We do not allow empty password:
+try_register(_User, _Server, "") ->
+    {error, not_allowed};    
 try_register(User, Server, Password) ->
     case is_user_exists(User,Server) of
 	true ->
author	Mickaël Rémond <mickael.remond@process-one.net>	2008-02-11 21:19:42 +0300
committer	Mickaël Rémond <mickael.remond@process-one.net>	2008-02-11 21:19:42 +0300
commit	0ae7f15ce7c6ea652333d8987c820415b17c3794 (patch)
tree	c5ea972a81ffca34b879b6700708b754f90ef8d0 /src/ejabberd_auth.erl
parent	4b5632a2602f9795a246a346d22c3cbf33bd3411 (diff)