mirror of
https://github.com/nodemailer/wildduck.git
synced 2024-09-20 15:26:03 +08:00
v1.21.1
This commit is contained in:
Andris Reinman
parent
ccb9f88a75
commit
be69992aa6
|
|
@ -7,7 +7,7 @@ const cryptMD5 = require('./md5/cryptmd5').cryptMD5;
|
|||
const consts = require('./consts');
|
||||
|
||||
// just pass hashing through to bcrypt
|
||||
module.exports.asyncHash = async password => {
|
||||
module.exports.hash = async password => {
|
||||
password = (password || '').toString();
|
||||
|
||||
switch (consts.DEFAULT_HASH_ALGO) {
|
||||
|
|
@ -23,15 +23,8 @@ module.exports.asyncHash = async password => {
|
|||
}
|
||||
};
|
||||
|
||||
module.exports.hash = (password, callback) => {
|
||||
module.exports
|
||||
.asyncHash(password)
|
||||
.then(hash => callback(null, hash))
|
||||
.catch(callback);
|
||||
};
|
||||
|
||||
// compare against known hashing algos
|
||||
module.exports.asyncCompare = async (password, hash) => {
|
||||
module.exports.compare = async (password, hash) => {
|
||||
password = (password || '').toString();
|
||||
hash = (hash || '').toString();
|
||||
|
||||
|
|
@ -62,13 +55,6 @@ module.exports.asyncCompare = async (password, hash) => {
|
|||
}
|
||||
};
|
||||
|
||||
module.exports.compare = (password, hash, callback) => {
|
||||
module.exports
|
||||
.asyncCompare(password, hash)
|
||||
.then(result => callback(null, result))
|
||||
.catch(callback);
|
||||
};
|
||||
|
||||
module.exports.shouldRehash = hash => {
|
||||
hash = (hash || '').toString();
|
||||
let algo = [].concat(hash.match(/^\$([^$]+)\$/) || [])[1];
|
||||
|
|
|
|||
|
|
@ -634,7 +634,7 @@ class UserHandler {
|
|||
// try temporary password first
|
||||
|
||||
try {
|
||||
success = await hashes.asyncCompare(password, userData.tempPassword.password);
|
||||
success = await hashes.compare(password, userData.tempPassword.password);
|
||||
} catch (err) {
|
||||
err.code = 'HashError';
|
||||
throw err;
|
||||
|
|
@ -653,7 +653,7 @@ class UserHandler {
|
|||
|
||||
if (!success) {
|
||||
// temporary password did not match, try actual password
|
||||
success = await hashes.asyncCompare(password, userData.password);
|
||||
success = await hashes.compare(password, userData.password);
|
||||
}
|
||||
|
||||
if (success) {
|
||||
|
|
@ -670,7 +670,7 @@ class UserHandler {
|
|||
// master password needs rehashing
|
||||
let hash;
|
||||
try {
|
||||
hash = await hashes.asyncHash(password);
|
||||
hash = await hashes.hash(password);
|
||||
if (hash) {
|
||||
// should this even happen???
|
||||
throw new Error('Failed to rehash password');
|
||||
|
|
@ -825,7 +825,7 @@ class UserHandler {
|
|||
|
||||
let success;
|
||||
try {
|
||||
success = await hashes.asyncCompare(password, asp.password);
|
||||
success = await hashes.compare(password, asp.password);
|
||||
} catch (err) {
|
||||
err.code = 'HashError';
|
||||
throw err;
|
||||
|
|
@ -1004,7 +1004,7 @@ class UserHandler {
|
|||
|
||||
let hash;
|
||||
try {
|
||||
hash = await hashes.asyncHash(password);
|
||||
hash = await hashes.hash(password);
|
||||
} catch (err) {
|
||||
log.error('DB', 'HASHFAIL generateASP id=%s error=%s', user, err.message);
|
||||
err.code = 'HashError';
|
||||
|
|
@ -1030,7 +1030,7 @@ class UserHandler {
|
|||
}
|
||||
|
||||
try {
|
||||
let userData = this.users.collection('users').findOne(
|
||||
let userData = await this.users.collection('users').findOne(
|
||||
{
|
||||
_id: user
|
||||
},
|
||||
|
|
@ -1226,11 +1226,11 @@ class UserHandler {
|
|||
try {
|
||||
if (data.hashedPassword) {
|
||||
// try if the hashing library can handle it?
|
||||
await hashes.asyncCompare('whatever', data.password);
|
||||
await hashes.compare('whatever', data.password);
|
||||
// did not throw, so probably OK
|
||||
hash = data.password;
|
||||
} else {
|
||||
hash = await hashes.asyncHash(data.password);
|
||||
hash = await hashes.hash(data.password);
|
||||
}
|
||||
} catch (err) {
|
||||
log.error('DB', 'HASHFAIL user.create id=%s error=%s', data.username, err.message);
|
||||
|
|
@ -1510,7 +1510,7 @@ class UserHandler {
|
|||
|
||||
let hash;
|
||||
try {
|
||||
hash = await hashes.asyncHash(password);
|
||||
hash = await hashes.hash(password);
|
||||
} catch (err) {
|
||||
log.error('DB', 'HASHFAIL user.reset id=%s error=%s', user, err.message);
|
||||
err.code = 'HashError';
|
||||
|
|
@ -2790,10 +2790,10 @@ class UserHandler {
|
|||
try {
|
||||
if (data.hashedPassword) {
|
||||
// try if the hashing library can handle it?
|
||||
await hashes.asyncCompare('whatever', $set.password);
|
||||
await hashes.compare('whatever', $set.password);
|
||||
// did not throw, so probably OK, no need to update `$set.password`
|
||||
} else {
|
||||
$set.password = await hashes.asyncHash(data.password);
|
||||
$set.password = await hashes.hash(data.password);
|
||||
}
|
||||
} catch (err) {
|
||||
log.error('DB', 'HASHFAIL user.update id=%s error=%s', data.username, err.message);
|
||||
|
|
@ -2838,7 +2838,7 @@ class UserHandler {
|
|||
if (data.existingPassword && userData.password) {
|
||||
let success;
|
||||
try {
|
||||
success = await hashes.asyncCompare(data.existingPassword, userData.password);
|
||||
success = await hashes.compare(data.existingPassword, userData.password);
|
||||
} catch (err) {
|
||||
log.error('DB', 'HASHFAIL user.update id=%s error=%s', data.username, err.message);
|
||||
err.code = err.code || 'HashError';
|
||||
|
|
@ -2909,7 +2909,11 @@ class UserHandler {
|
|||
});
|
||||
|
||||
// just call the operations and hope for the best, no problems if fails
|
||||
flushreq.exec(() => false);
|
||||
try {
|
||||
await flushreq.exec();
|
||||
} catch (err) {
|
||||
// ignore
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "wildduck",
|
||||
"version": "1.21.0",
|
||||
"version": "1.21.1",
|
||||
"description": "IMAP/POP3 server built with Node.js and MongoDB",
|
||||
"main": "server.js",
|
||||
"scripts": {
|
||||
|
|
|
|||
Loading…
Reference in a new issue