diff --git a/lib/hashes.js b/lib/hashes.js index e8f08903..6ded979f 100644 --- a/lib/hashes.js +++ b/lib/hashes.js @@ -7,7 +7,7 @@ const cryptMD5 = require('./md5/cryptmd5').cryptMD5; const consts = require('./consts'); // just pass hashing through to bcrypt -module.exports.asyncHash = async password => { +module.exports.hash = async password => { password = (password || '').toString(); switch (consts.DEFAULT_HASH_ALGO) { @@ -23,15 +23,8 @@ module.exports.asyncHash = async password => { } }; -module.exports.hash = (password, callback) => { - module.exports - .asyncHash(password) - .then(hash => callback(null, hash)) - .catch(callback); -}; - // compare against known hashing algos -module.exports.asyncCompare = async (password, hash) => { +module.exports.compare = async (password, hash) => { password = (password || '').toString(); hash = (hash || '').toString(); @@ -62,13 +55,6 @@ module.exports.asyncCompare = async (password, hash) => { } }; -module.exports.compare = (password, hash, callback) => { - module.exports - .asyncCompare(password, hash) - .then(result => callback(null, result)) - .catch(callback); -}; - module.exports.shouldRehash = hash => { hash = (hash || '').toString(); let algo = [].concat(hash.match(/^\$([^$]+)\$/) || [])[1]; diff --git a/lib/user-handler.js b/lib/user-handler.js index 4af7673b..8f6ddb0d 100644 --- a/lib/user-handler.js +++ b/lib/user-handler.js @@ -634,7 +634,7 @@ class UserHandler { // try temporary password first try { - success = await hashes.asyncCompare(password, userData.tempPassword.password); + success = await hashes.compare(password, userData.tempPassword.password); } catch (err) { err.code = 'HashError'; throw err; @@ -653,7 +653,7 @@ class UserHandler { if (!success) { // temporary password did not match, try actual password - success = await hashes.asyncCompare(password, userData.password); + success = await hashes.compare(password, userData.password); } if (success) { @@ -670,7 +670,7 @@ class UserHandler { // master password needs rehashing let hash; try { - hash = await hashes.asyncHash(password); + hash = await hashes.hash(password); if (hash) { // should this even happen??? throw new Error('Failed to rehash password'); @@ -825,7 +825,7 @@ class UserHandler { let success; try { - success = await hashes.asyncCompare(password, asp.password); + success = await hashes.compare(password, asp.password); } catch (err) { err.code = 'HashError'; throw err; @@ -1004,7 +1004,7 @@ class UserHandler { let hash; try { - hash = await hashes.asyncHash(password); + hash = await hashes.hash(password); } catch (err) { log.error('DB', 'HASHFAIL generateASP id=%s error=%s', user, err.message); err.code = 'HashError'; @@ -1030,7 +1030,7 @@ class UserHandler { } try { - let userData = this.users.collection('users').findOne( + let userData = await this.users.collection('users').findOne( { _id: user }, @@ -1226,11 +1226,11 @@ class UserHandler { try { if (data.hashedPassword) { // try if the hashing library can handle it? - await hashes.asyncCompare('whatever', data.password); + await hashes.compare('whatever', data.password); // did not throw, so probably OK hash = data.password; } else { - hash = await hashes.asyncHash(data.password); + hash = await hashes.hash(data.password); } } catch (err) { log.error('DB', 'HASHFAIL user.create id=%s error=%s', data.username, err.message); @@ -1510,7 +1510,7 @@ class UserHandler { let hash; try { - hash = await hashes.asyncHash(password); + hash = await hashes.hash(password); } catch (err) { log.error('DB', 'HASHFAIL user.reset id=%s error=%s', user, err.message); err.code = 'HashError'; @@ -2790,10 +2790,10 @@ class UserHandler { try { if (data.hashedPassword) { // try if the hashing library can handle it? - await hashes.asyncCompare('whatever', $set.password); + await hashes.compare('whatever', $set.password); // did not throw, so probably OK, no need to update `$set.password` } else { - $set.password = await hashes.asyncHash(data.password); + $set.password = await hashes.hash(data.password); } } catch (err) { log.error('DB', 'HASHFAIL user.update id=%s error=%s', data.username, err.message); @@ -2838,7 +2838,7 @@ class UserHandler { if (data.existingPassword && userData.password) { let success; try { - success = await hashes.asyncCompare(data.existingPassword, userData.password); + success = await hashes.compare(data.existingPassword, userData.password); } catch (err) { log.error('DB', 'HASHFAIL user.update id=%s error=%s', data.username, err.message); err.code = err.code || 'HashError'; @@ -2909,7 +2909,11 @@ class UserHandler { }); // just call the operations and hope for the best, no problems if fails - flushreq.exec(() => false); + try { + await flushreq.exec(); + } catch (err) { + // ignore + } } try { diff --git a/package.json b/package.json index 007931f8..3edf29dd 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "wildduck", - "version": "1.21.0", + "version": "1.21.1", "description": "IMAP/POP3 server built with Node.js and MongoDB", "main": "server.js", "scripts": {