MirrorHub/construct
0
0
Fork 0
mirror of https://github.com/matrix-construct/construct synced 2024-10-03 06:08:52 +02:00
Code Issues Releases Wiki Activity

ircd:Ⓜ️ Replace plaintext password storage with sha256.

Browse source
This commit is contained in:
Jason Volk 2017-11-15 18:18:25 -08:00
parent 4793e4906c
commit 0ef29fc433
1 changed files with 20 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
ircd/m.cc
View file

@ -1447,12 +1447,20 @@ try
{ event, { "type", "ircd.password" }}, { event, { "type", "ircd.password" }},
{ event, { "state_key", user_id }}, { event, { "state_key", user_id }},
{ event, { "sender", user_id }}, { event, { "sender", user_id }},
{ event, { "content", json::members
{
{ "plaintext", password }
}}},
}; };
char b64[64];
uint8_t hash[32];
sha256{hash, const_buffer{password}};
const auto digest{b64encode_unpadded(b64, hash)};
json::iov::push content{event,
{
"content", json::members
{
{ "sha256", digest }
},
}};
accounts.send(event); accounts.send(event);
} }
catch(const m::ALREADY_MEMBER &e) catch(const m::ALREADY_MEMBER &e)
@ -1474,7 +1482,11 @@ const
{ "state_key", user_id }, { "state_key", user_id },
}; };
const vm::query<vm::where::test> correct_password{[&supplied_password] char b64[64];
uint8_t hash[32];
sha256{hash, const_buffer{supplied_password}};
const auto supplied_hash{b64encode_unpadded(b64, hash)};
const vm::query<vm::where::test> correct_password{[&supplied_hash]
(const auto &event) (const auto &event)
{ {
const json::object &content const json::object &content
@ -1482,12 +1494,12 @@ const
json::at<"content"_>(event) json::at<"content"_>(event)
}; };
const auto &correct_password const auto &correct_hash
{ {
unquote(content.at("plaintext")) unquote(content.at("sha256"))
}; };
return supplied_password == correct_password; return supplied_hash == correct_hash;
}}; }};
const auto query const auto query