mirror of
https://github.com/matrix-construct/construct
synced 2024-10-03 06:08:52 +02:00
ircd:Ⓜ️ Replace plaintext password storage with sha256.
This commit is contained in:
parent
4793e4906c
commit
0ef29fc433
1 changed files with 20 additions and 8 deletions
28
ircd/m.cc
28
ircd/m.cc
|
@ -1447,12 +1447,20 @@ try
|
|||
{ event, { "type", "ircd.password" }},
|
||||
{ event, { "state_key", user_id }},
|
||||
{ event, { "sender", user_id }},
|
||||
{ event, { "content", json::members
|
||||
{
|
||||
{ "plaintext", password }
|
||||
}}},
|
||||
};
|
||||
|
||||
char b64[64];
|
||||
uint8_t hash[32];
|
||||
sha256{hash, const_buffer{password}};
|
||||
const auto digest{b64encode_unpadded(b64, hash)};
|
||||
json::iov::push content{event,
|
||||
{
|
||||
"content", json::members
|
||||
{
|
||||
{ "sha256", digest }
|
||||
},
|
||||
}};
|
||||
|
||||
accounts.send(event);
|
||||
}
|
||||
catch(const m::ALREADY_MEMBER &e)
|
||||
|
@ -1474,7 +1482,11 @@ const
|
|||
{ "state_key", user_id },
|
||||
};
|
||||
|
||||
const vm::query<vm::where::test> correct_password{[&supplied_password]
|
||||
char b64[64];
|
||||
uint8_t hash[32];
|
||||
sha256{hash, const_buffer{supplied_password}};
|
||||
const auto supplied_hash{b64encode_unpadded(b64, hash)};
|
||||
const vm::query<vm::where::test> correct_password{[&supplied_hash]
|
||||
(const auto &event)
|
||||
{
|
||||
const json::object &content
|
||||
|
@ -1482,12 +1494,12 @@ const
|
|||
json::at<"content"_>(event)
|
||||
};
|
||||
|
||||
const auto &correct_password
|
||||
const auto &correct_hash
|
||||
{
|
||||
unquote(content.at("plaintext"))
|
||||
unquote(content.at("sha256"))
|
||||
};
|
||||
|
||||
return supplied_password == correct_password;
|
||||
return supplied_hash == correct_hash;
|
||||
}};
|
||||
|
||||
const auto query
|
||||
|
|
Loading…
Reference in a new issue