mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-04 13:47:41 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
12902 commits 12 branches 101 tags 40 MiB
Commit graph

61 commits

Author SHA1 Message Date
Kim Alvefur
4704e98af6 mod_auth_internal_hashed: Add stub methods for enabling and disabling users 
But how and where?
 2023-02-22 15:32:40 +01:00
Kim Alvefur
01fedfa5be mod_auth_internal_hashed: Refactor to prepare for disabling users 
Moving this out will make space for a dynamic check whether a particular
user is disabled or not, which is one possible response to abuse of
account privileges.
 2023-02-22 13:27:08 +01:00
Kim Alvefur
8ff2f04e4c mod_auth_internal_hashed: Allow creating disabled account without password 
Otherwise, create_user(username, nil) leads to the account being
deleted.
 2022-08-18 17:50:56 +02:00
Matthew Wild
4db3d15723 usermanager, mod_auth_*: Add get_account_info() returning creation/update time 
This is useful for a number of things. For example, listing users that need to
rotate their passwords after some event. It also provides a safer way for code
to determine that a user password has changed without needing to set a handler
for the password change event (which is a more fragile approach).
 2022-07-12 13:14:47 +01:00
Matthew Wild
ab835fed13 util.hex: Deprecate to/from in favour of encode/decode, for consistency! 2022-03-04 15:22:45 +00:00
Kim Alvefur
4261dc1d80 mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438 
More security for less pain than switching to SCRAM-SHA-256

The XEP will likely be change to reference the RFC that will probably
come from draft-ietf-kitten-password-storage once it is ready, and then
we should update to follow that.
 2021-12-26 16:51:04 +01:00
Kim Alvefur
c122d673e6 mod_auth_internal_hashed: Make SCRAM iteration count configurable 2021-12-26 16:37:50 +01:00
Matthew Wild
5bc8b2a379 Merge 0.11->trunk 2021-05-13 11:17:13 +01:00
Matthew Wild
6a54d2d2c4 mod_auth_internal_{plain,hashed}: Use constant-time string comparison for secrets 2021-05-10 16:50:24 +01:00
Kim Alvefur
71c6728e69 mod_auth_internal_*: Apply saslprep to passwords 
Related to #1560
 2020-05-23 14:17:04 +02:00
Kim Alvefur
e083756418 Merge 0.11->trunk 2020-06-06 00:54:28 +02:00
Kim Alvefur
1eabf5bdb4 Merge 0.11->trunk 2019-12-24 00:39:45 +01:00
Kim Alvefur
d464d7edb1 mod_auth_internal_hashed: Pass on errors from password hash function (fixes #1477) 2019-12-23 22:42:39 +01:00
Kim Alvefur
b8ad8ccc88 mod_auth_internal_hashed: Precompute SCRAM authentication profile name (thanks MattJ) 2019-08-22 01:00:31 +02:00
Kim Alvefur
a746aba7a2 mod_auth_internal_hashed: Add support for optionally using SCRAM-SHA-256 instead of SHA-1 
This will currently require a hard reset of all passwords back to plain.
This will be least painful on new deployments.
 2019-01-13 14:02:56 +01:00
Kim Alvefur
73b75571e6 core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512) 2017-07-28 13:15:29 +02:00
Kim Alvefur
4234f60c4a mod_auth_internal_hashed: Split long lines [luacheck] 2017-04-04 01:26:26 +02:00
Kim Alvefur
5386166909 mod_auth_internal_hashed: Rename unused 'self' to _ [luacheck] 2017-04-04 01:26:09 +02:00
Kim Alvefur
938380cacc mod_auth_internal_hashed: Use util.hex 2015-05-18 21:00:41 +02:00
Florian Zeitz
e4186638c7 mod_auth_interal_hashed: Update salt and iteration count when setting a new password 2014-02-12 13:45:16 +01:00
Kim Alvefur
a10c051fb2 mod_auth_internal_hashed: Log calls to provider methods and be consistent with mod_auth_internal_plain 2013-08-10 20:19:40 +02:00
Kim Alvefur
31c364ad7f mod_auth_internal_hashed: Use logger setup by moduleapi instead of going for util.logger directly 2013-08-10 20:17:45 +02:00
Kim Alvefur
6ee727dd25 mod_auth_internal_hashed: Remove this 'initializing' message too 2013-08-10 20:15:25 +02:00
Florian Zeitz
1d833bb807 Remove all trailing whitespace 2013-08-09 17:48:21 +02:00
Kim Alvefur
61e1281073 mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store() 2013-04-19 16:14:06 +02:00
Waqas Hussain
b1f22daa93 mod_auth_internal_plain, mod_auth_internal_hashed: No need to nodeprep here. 2013-01-22 08:26:08 +05:00
Kim Alvefur
ce8ed66881 mod_auth_internal_{plain,hashed}: Add support for iterating over accounts 2012-09-21 17:26:12 +02:00
Waqas Hussain
92515e7aa6 mod_auth_*: Use module:provides(). 2012-09-12 21:41:51 +05:00
Waqas Hussain
2e28c81f01 mod_auth_internal_hashed: Get rid of useless wrapper function new_hashpass_provider. 2012-09-12 21:40:00 +05:00
Matthew Wild
90342aaf3c mod_auth_internal_hashed: Remove COMPAT code (upgrading old hashed storage format from pre-0.8) 2012-04-28 03:59:31 +01:00
Matthew Wild
a4d38eb601 mod_auth_internal_hashed: Remove unused imports 2012-04-28 03:55:25 +01:00
Matthew Wild
afebf2da34 mod_auth_internal_{plain,hashed}: Clarify log messages on initialization 2012-03-11 20:56:09 +00:00
Waqas Hussain
9c85f1fccd mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option. 2011-02-23 01:34:46 +05:00
Matthew Wild
2e28b24183 mod_auth_internal_*: Support for delete_user method 2011-01-04 17:12:28 +00:00
Waqas Hussain
aa144af70e util.sasl.*, mod_auth_*, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks. 2010-12-27 19:57:04 +05:00
Kim Alvefur
e535c73ca3 mod_auth_internal_hashed: Fix deleting users 2010-08-16 18:51:22 +02:00
Matthew Wild
a6e1eb7590 usermanager, mod_auth_internal_hashed, mod_legacyauth: New order of parameters for usermanager.test_password - username, host, password 2010-07-21 21:01:36 +01:00
Waqas Hussain
41da5ba5b5 mod_auth_internal_hashed: Fixed SCRAM-SHA-1 mechanism to not traceback on non-existent users. 2010-07-17 19:34:06 +05:00
Matthew Wild
c60ae1fda2 mod_auth_internal, mod_auth_internal_hashed: Remove checking for nil or empty password and pretending it means the user doesn't exist. Hopefully with more success than Custer. 2010-07-08 20:59:53 +01:00
Matthew Wild
02dddbbc8d mod_auth_internal_hashed: Update TODO comments to COMPAT 2010-06-22 20:54:15 +01:00
Matthew Wild
6cd96e6121 mod_auth_internal_hashed: Remove far too many instances of inline hex conversion using gsub, which was creating useless closures and what-not 2010-06-22 20:52:43 +01:00
Matthew Wild
067898649a mod_auth_internal, mod_auth_internal_hashed: Remove is_admin method from providers 2010-06-22 19:14:55 +01:00
Waqas Hussain
1a8e5b9950 mod_auth_internal_hashed: Log as "auth_internal_hashed", not as "usermanager". 2010-06-15 09:12:49 +05:00
Waqas Hussain
c44856d4d0 mod_auth_internal_hashed: Don't assume user doesn't exist if no recognizable authentication data is found. 2010-06-15 09:11:10 +05:00
Waqas Hussain
20e4e09b0e mod_auth_internal_hashed: Removed all checks for Cyrus SASL. 2010-06-15 09:08:02 +05:00
Waqas Hussain
8fcc2761e6 mod_auth_internal_hashed: Fixed a traceback in account creation. 2010-06-13 04:07:38 +05:00
Matthew Wild
79fcb39d49 mod_auth_internal{,_hashed}: Update is_admin to only report the admin status of the current host (ignores global admin rights), fixes global access traceback 2010-06-09 21:25:59 +01:00
Waqas Hussain
bb572575a3 mod_auth_internal_hashed: Removed some useless code. 2010-06-09 22:01:47 +05:00
Waqas Hussain
2c20356058 Merge with Tobias. 2010-06-09 21:34:32 +05:00
Tobias Markmann
b0cd9c5a9a mod_auth_internal_hashed: Empty hashpass after conversion to stored_key/server_key and store new authentication database. 2010-06-09 17:58:20 +02:00