prosody

Commit Graph

Author	SHA1	Message	Date
Matthew Wild	ab835fed13	util.hex: Deprecate to/from in favour of encode/decode, for consistency!	4 years ago
Kim Alvefur	8ff2f04e4c	mod_auth_internal_hashed: Allow creating disabled account without password Otherwise, create_user(username, nil) leads to the account being deleted.	3 years ago
Matthew Wild	4db3d15723	usermanager, mod_auth_*: Add get_account_info() returning creation/update time This is useful for a number of things. For example, listing users that need to rotate their passwords after some event. It also provides a safer way for code to determine that a user password has changed without needing to set a handler for the password change event (which is a more fragile approach).	4 years ago
Matthew Wild	6a54d2d2c4	mod_auth_internal_{plain,hashed}: Use constant-time string comparison for secrets	5 years ago
Kim Alvefur	71c6728e69	mod_auth_internal_*: Apply saslprep to passwords Related to #1560	6 years ago
Kim Alvefur	4261dc1d80	mod_auth_internal_hashed: Up iteration count to 10000 per XEP-0438 More security for less pain than switching to SCRAM-SHA-256 The XEP will likely be change to reference the RFC that will probably come from draft-ietf-kitten-password-storage once it is ready, and then we should update to follow that.	4 years ago
Kim Alvefur	c122d673e6	mod_auth_internal_hashed: Make SCRAM iteration count configurable	4 years ago
Kim Alvefur	d464d7edb1	mod_auth_internal_hashed: Pass on errors from password hash function (fixes #1477 )	6 years ago
Kim Alvefur	b8ad8ccc88	mod_auth_internal_hashed: Precompute SCRAM authentication profile name (thanks MattJ)	6 years ago
Kim Alvefur	a746aba7a2	mod_auth_internal_hashed: Add support for optionally using SCRAM-SHA-256 instead of SHA-1 This will currently require a hard reset of all passwords back to plain. This will be least painful on new deployments.	7 years ago
Kim Alvefur	73b75571e6	core.usermanager, various modules: Disconnect other resources on password change (thanks waqas) (fixes #512 )	9 years ago
Kim Alvefur	4234f60c4a	mod_auth_internal_hashed: Split long lines [luacheck]	9 years ago
Kim Alvefur	5386166909	mod_auth_internal_hashed: Rename unused 'self' to _ [luacheck]	9 years ago
Kim Alvefur	938380cacc	mod_auth_internal_hashed: Use util.hex	11 years ago
Florian Zeitz	e4186638c7	mod_auth_interal_hashed: Update salt and iteration count when setting a new password	12 years ago
Kim Alvefur	a10c051fb2	mod_auth_internal_hashed: Log calls to provider methods and be consistent with mod_auth_internal_plain	13 years ago
Kim Alvefur	31c364ad7f	mod_auth_internal_hashed: Use logger setup by moduleapi instead of going for util.logger directly	13 years ago
Kim Alvefur	6ee727dd25	mod_auth_internal_hashed: Remove this 'initializing' message too	13 years ago
Florian Zeitz	1d833bb807	Remove all trailing whitespace	13 years ago
Kim Alvefur	61e1281073	mod_auth_internal_hashed, mod_auth_internal_plain, mod_privacy, mod_private, mod_register, mod_vcard, mod_muc: Use module:open_store()	13 years ago
Waqas Hussain	b1f22daa93	mod_auth_internal_plain, mod_auth_internal_hashed: No need to nodeprep here.	13 years ago
Kim Alvefur	ce8ed66881	mod_auth_internal_{plain,hashed}: Add support for iterating over accounts	13 years ago
Waqas Hussain	92515e7aa6	mod_auth_*: Use module:provides().	13 years ago
Waqas Hussain	2e28c81f01	mod_auth_internal_hashed: Get rid of useless wrapper function new_hashpass_provider.	13 years ago
Matthew Wild	90342aaf3c	mod_auth_internal_hashed: Remove COMPAT code (upgrading old hashed storage format from pre-0.8)	14 years ago
Matthew Wild	a4d38eb601	mod_auth_internal_hashed: Remove unused imports	14 years ago
Matthew Wild	afebf2da34	mod_auth_internal_{plain,hashed}: Clarify log messages on initialization	14 years ago
Waqas Hussain	aa144af70e	util.sasl., mod_auth_, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks.	15 years ago
Waqas Hussain	9c85f1fccd	mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option.	15 years ago
Waqas Hussain	b3cc9f42df	mod_auth_*: Get rid of undocumented and broken 'sasl_realm' config option.	15 years ago
Matthew Wild	90562d1b6e	mod_auth_internal_*: Support for delete_user method	15 years ago
Matthew Wild	2e28b24183	mod_auth_internal_*: Support for delete_user method	15 years ago
Waqas Hussain	1865c2454b	util.sasl., mod_auth_, mod_saslauth: Pass SASL handler as first parameter to SASL profile callbacks.	15 years ago
Kim Alvefur	e535c73ca3	mod_auth_internal_hashed: Fix deleting users	16 years ago
Matthew Wild	a6e1eb7590	usermanager, mod_auth_internal_hashed, mod_legacyauth: New order of parameters for usermanager.test_password - username, host, password	16 years ago
Waqas Hussain	41da5ba5b5	mod_auth_internal_hashed: Fixed SCRAM-SHA-1 mechanism to not traceback on non-existent users.	16 years ago
Matthew Wild	c60ae1fda2	mod_auth_internal, mod_auth_internal_hashed: Remove checking for nil or empty password and pretending it means the user doesn't exist. Hopefully with more success than Custer.	16 years ago
Matthew Wild	02dddbbc8d	mod_auth_internal_hashed: Update TODO comments to COMPAT	16 years ago
Matthew Wild	6cd96e6121	mod_auth_internal_hashed: Remove far too many instances of inline hex conversion using gsub, which was creating useless closures and what-not	16 years ago
Matthew Wild	067898649a	mod_auth_internal, mod_auth_internal_hashed: Remove is_admin method from providers	16 years ago
Waqas Hussain	1a8e5b9950	mod_auth_internal_hashed: Log as "auth_internal_hashed", not as "usermanager".	16 years ago
Waqas Hussain	c44856d4d0	mod_auth_internal_hashed: Don't assume user doesn't exist if no recognizable authentication data is found.	16 years ago
Waqas Hussain	20e4e09b0e	mod_auth_internal_hashed: Removed all checks for Cyrus SASL.	16 years ago
Waqas Hussain	8fcc2761e6	mod_auth_internal_hashed: Fixed a traceback in account creation.	16 years ago
Matthew Wild	79fcb39d49	mod_auth_internal{,_hashed}: Update is_admin to only report the admin status of the current host (ignores global admin rights), fixes global access traceback	16 years ago
Waqas Hussain	bb572575a3	mod_auth_internal_hashed: Removed some useless code.	16 years ago
Tobias Markmann	b0cd9c5a9a	mod_auth_internal_hashed: Empty hashpass after conversion to stored_key/server_key and store new authentication database.	16 years ago
Tobias Markmann	480fa4dd0a	mod_auth_internal_hashed: Remove debugging output.	16 years ago
Tobias Markmann	282c761001	mod_auth_internal_hashed: Convert hashpass to server_key/stored_key on SCRAM-SHA-1 login.	16 years ago
Tobias Markmann	d543622be3	mod_auth_internal_hashed: Convert hashpass to server_key/stored_key on PLAIN login.	16 years ago

1 2

59 Commits (08a730746ce2dc52d2bc47d9868d64f601e2ea81)