From: Ismaƫl Bouya Date: Sat, 25 Nov 2023 23:01:39 +0000 (+0100) Subject: Allow plain mecanism for users login X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=ce983e8b05d17adbf6b8228b990e5a512835ca56;p=perso%2FImmae%2FConfig%2FNix.git Allow plain mecanism for users login --- diff --git a/deploy/flake.lock b/deploy/flake.lock index f2517ef..74f3cb3 100644 --- a/deploy/flake.lock +++ b/deploy/flake.lock @@ -2783,7 +2783,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-ICKEuT8YaVKsXgdau986YYMhcH+DfeOyD3XQBKUTMOM=", + "narHash": "sha256-JZAb5V2upUFe8gDKiHtA0iksciLTuZgtLikxZpE2ZkY=", "path": "../flakes", "type": "path" }, @@ -3903,7 +3903,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-PRhCKLyFpkmjr/RviVw7h3ZBWVHGmlwH1+z9gWIdXsI=", + "narHash": "sha256-2TyPGrTzqaeWyBTV2ASZ7Om9XFgFXfuE0dlYrPA5ozI=", "path": "../systems/eldiron", "type": "path" }, diff --git a/flake.lock b/flake.lock index 47a4bd6..19de0cb 100644 --- a/flake.lock +++ b/flake.lock @@ -2664,7 +2664,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-ICKEuT8YaVKsXgdau986YYMhcH+DfeOyD3XQBKUTMOM=", + "narHash": "sha256-JZAb5V2upUFe8gDKiHtA0iksciLTuZgtLikxZpE2ZkY=", "path": "./flakes", "type": "path" }, @@ -3919,7 +3919,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-PRhCKLyFpkmjr/RviVw7h3ZBWVHGmlwH1+z9gWIdXsI=", + "narHash": "sha256-2TyPGrTzqaeWyBTV2ASZ7Om9XFgFXfuE0dlYrPA5ozI=", "path": "../systems/eldiron", "type": "path" }, diff --git a/flakes/flake.lock b/flakes/flake.lock index 6dcee3d..051086e 100644 --- a/flakes/flake.lock +++ b/flakes/flake.lock @@ -3824,7 +3824,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-PRhCKLyFpkmjr/RviVw7h3ZBWVHGmlwH1+z9gWIdXsI=", + "narHash": "sha256-2TyPGrTzqaeWyBTV2ASZ7Om9XFgFXfuE0dlYrPA5ozI=", "path": "../systems/eldiron", "type": "path" }, diff --git a/systems/eldiron/base.nix b/systems/eldiron/base.nix index 24e05fe..a77a438 100644 --- a/systems/eldiron/base.nix +++ b/systems/eldiron/base.nix @@ -175,7 +175,7 @@ table = ldap_users user_column = login pw_type = function - auth_query = SELECT (mechanism = 'SSHA' AND password = encode(digest( %p || salt, 'sha1'), 'hex')) FROM ldap_users WHERE login = %u OR login || '@' || realm = %u + auth_query = SELECT ((mechanism = 'SSHA' AND password = encode(digest( %p || salt, 'sha1'), 'hex')) OR (mechanism = 'PLAIN' AND password = %p)) FROM ldap_users WHERE login = %u OR login || '@' || realm = %u #pwd_query = WITH newsalt as (select gen_random_bytes(4)) UPDATE ldap_users SET password = encode(digest( %p || (SELECT * FROM newsalt), 'sha1'), 'hex'), salt = (SELECT * FROM newsalt), mechanism = 'SSHA' WHERE login = %u OR login || '@' || realm = %u ''; };