couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From woh...@apache.org
Subject couchdb commit: updated refs/heads/COUCHDB-2221 to 006d819
Date Sun, 06 Apr 2014 02:18:39 GMT
Repository: couchdb
Updated Branches:
  refs/heads/COUCHDB-2221 [created] 006d81965


Protect against _users doc iterations as string (pbkdf2)


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/006d8196
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/006d8196
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/006d8196

Branch: refs/heads/COUCHDB-2221
Commit: 006d81965d9d09d3fe97a45c973198dc166dafda
Parents: 9f6a919
Author: Joan Touzet <wohali@apache.org>
Authored: Sat Apr 5 22:16:12 2014 -0400
Committer: Joan Touzet <wohali@apache.org>
Committed: Sat Apr 5 22:16:12 2014 -0400

----------------------------------------------------------------------
 src/couchdb/couch_httpd_auth.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/006d8196/src/couchdb/couch_httpd_auth.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index 08841fb..abc2054 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -367,7 +367,9 @@ authenticate(Pass, UserProps) ->
             {couch_passwords:simple(Pass, UserSalt),
             couch_util:get_value(<<"password_sha">>, UserProps, nil)};
         <<"pbkdf2">> ->
-            Iterations = couch_util:get_value(<<"iterations">>, UserProps, 10000),
+            Iterations = couch_util:to_integer(
+                    couch_util:get_value(<<"iterations">>, UserProps, 10000)
+            ),
             {couch_passwords:pbkdf2(Pass, UserSalt, Iterations),
              couch_util:get_value(<<"derived_key">>, UserProps, nil)}
     end,


Mime
View raw message