What steps will reproduce the problem?
1. Change password from client
2.
3.
What is the expected output? What do you see instead?
Error when change password from clients.
What version of the product are you using? On what operating system?
Tested on prosody 0.9.8 and 0.9.10
Debian 8.2
Lua 5.1
Module "register" enabled
Please provide any additional information below.
XML Log:
Sent:<iq id="agsXMPP_21" type="set" to="letsgrow.com.br"><query xmlns="jabber:iq:register"><username>geniltodallo</username><password>1234</password></query></iq>
Received:<iq xmlns="jabber:client" from="letsgrow.com.br" to="geniltodallo@letsgrow.com.br/chatseguro5384" type="error" id="agsXMPP_21"><error type="wait"><internal-server-error xmlns="urn:ietf:params:xml:ns:xmpp-stanzas" /></error></iq>
Zash
on
Hi, thanks for the report.
Some more info is needed:
What authentication and storage modules do you use?
What is logged during the password change attempt? If nothing, make sure debug logging is enabled.
Changes
owner Zash
Genilto Dallo
on
Hi Zash,
Authentication Mysql "sql" module
Storage "sql"
mam_sql for message archiving
No error in logs:
Debug logging:
Mar 05 16:43:41 c2s18bdcce0 debug Received[c2s]: <iq id='purple4fadf095' type='set' to='letsgrow.com.br'>
Genilto Dallo
on
Looking at the code of mod_auth_sql, the change password was not finished.
Then I finish the update password function of the mod_auth_sql module.
I'm looking how to commit the changes.
Thanks!
Genilto Dallo
on
# HG changeset patch
# User Genilto Dallo <gd@chatseguro.net>
# Date 1457227033 10800
# Sat Mar 05 22:17:13 2016 -0300
# Node ID bfe60fe03a04ddf9686b7129a6dcf4d24edb4f43
# Parent bd0c5d546bf8eef4e019a8600320e133852ef682
Finish set_password function
diff -r bd0c5d546bf8 -r bfe60fe03a04 mod_auth_sql/mod_auth_sql.lua
--- a/mod_auth_sql/mod_auth_sql.lua Fri Mar 04 17:16:13 2016 +0000
+++ b/mod_auth_sql/mod_auth_sql.lua Sat Mar 05 22:17:13 2016 -0300
@@ -70,6 +70,12 @@
return stmt;
end
+local function setsql(sql, ...)
+ local stmt, err = getsql(sql, ...);
+ if not stmt then return stmt, err; end
+ return stmt:affected();
+end
+
local function get_password(username)
local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host);
if stmt then
@@ -89,7 +95,8 @@
return get_password(username);
end
function provider.set_password(username, password)
- return nil, "Setting password is not supported.";
+ local stmt, err = setsql("UPDATE `authreg` SET `password`=? WHERE `username`=? AND `realm`=?", password, username, module.host);
+ return stmt and true, err;
end
function provider.user_exists(username)
return get_password(username) and true;
Renaud D
on
Hello I Have an issue with "internal" authentication while using Pidgin client :
When a user wants to reset his password he gets the message :
"Service Unavailable"
Info :
Lua 5.1.5
Prosody 0.9.10
Module "register" disabled
Maybe it is the same source, did this change has been committed ?
Genilto Dallo
on
Hi Renaud, no, I don't commit
Zash
on
mod_auth_sql does indeed lack code for changing password. It's usually meant as a template for integrating with an existing SQL based system and in such cases it's often undesirable to support password change. Easily added, as your patch shows.
Renauds issue is unrelated.
johnnnny
on
Renaul D: for password change, you have to allow module "register" and then use allow_registration = false; to disallow registrations :)
Zash
on
Changes
titleError on change password from client mod_auth_sql does not support password change
Zash
on
Changes
tagsType-Defect Type-Enhancement
titlemod_auth_sql does not support password change mod_auth_sql: password change support
What steps will reproduce the problem? 1. Change password from client 2. 3. What is the expected output? What do you see instead? Error when change password from clients. What version of the product are you using? On what operating system? Tested on prosody 0.9.8 and 0.9.10 Debian 8.2 Lua 5.1 Module "register" enabled Please provide any additional information below. XML Log: Sent:<iq id="agsXMPP_21" type="set" to="letsgrow.com.br"><query xmlns="jabber:iq:register"><username>geniltodallo</username><password>1234</password></query></iq> Received:<iq xmlns="jabber:client" from="letsgrow.com.br" to="geniltodallo@letsgrow.com.br/chatseguro5384" type="error" id="agsXMPP_21"><error type="wait"><internal-server-error xmlns="urn:ietf:params:xml:ns:xmpp-stanzas" /></error></iq>
Hi, thanks for the report. Some more info is needed: What authentication and storage modules do you use? What is logged during the password change attempt? If nothing, make sure debug logging is enabled.
ChangesHi Zash, Authentication Mysql "sql" module Storage "sql" mam_sql for message archiving No error in logs: Debug logging: Mar 05 16:43:41 c2s18bdcce0 debug Received[c2s]: <iq id='purple4fadf095' type='set' to='letsgrow.com.br'>
Looking at the code of mod_auth_sql, the change password was not finished. Then I finish the update password function of the mod_auth_sql module. I'm looking how to commit the changes. Thanks!
# HG changeset patch # User Genilto Dallo <gd@chatseguro.net> # Date 1457227033 10800 # Sat Mar 05 22:17:13 2016 -0300 # Node ID bfe60fe03a04ddf9686b7129a6dcf4d24edb4f43 # Parent bd0c5d546bf8eef4e019a8600320e133852ef682 Finish set_password function diff -r bd0c5d546bf8 -r bfe60fe03a04 mod_auth_sql/mod_auth_sql.lua --- a/mod_auth_sql/mod_auth_sql.lua Fri Mar 04 17:16:13 2016 +0000 +++ b/mod_auth_sql/mod_auth_sql.lua Sat Mar 05 22:17:13 2016 -0300 @@ -70,6 +70,12 @@ return stmt; end +local function setsql(sql, ...) + local stmt, err = getsql(sql, ...); + if not stmt then return stmt, err; end + return stmt:affected(); +end + local function get_password(username) local stmt, err = getsql("SELECT `password` FROM `authreg` WHERE `username`=? AND `realm`=?", username, module.host); if stmt then @@ -89,7 +95,8 @@ return get_password(username); end function provider.set_password(username, password) - return nil, "Setting password is not supported."; + local stmt, err = setsql("UPDATE `authreg` SET `password`=? WHERE `username`=? AND `realm`=?", password, username, module.host); + return stmt and true, err; end function provider.user_exists(username) return get_password(username) and true;
Hello I Have an issue with "internal" authentication while using Pidgin client : When a user wants to reset his password he gets the message : "Service Unavailable" Info : Lua 5.1.5 Prosody 0.9.10 Module "register" disabled Maybe it is the same source, did this change has been committed ?
Hi Renaud, no, I don't commit
mod_auth_sql does indeed lack code for changing password. It's usually meant as a template for integrating with an existing SQL based system and in such cases it's often undesirable to support password change. Easily added, as your patch shows. Renauds issue is unrelated.
Renaul D: for password change, you have to allow module "register" and then use allow_registration = false; to disallow registrations :)
Error on change password from clientmod_auth_sql does not support password changeType-DefectType-Enhancementmod_auth_sql does not support password changemod_auth_sql: password change support