diff options
author | Justin Clark-Casey (justincc) | 2009-09-24 14:54:12 +0100 |
---|---|---|
committer | Justin Clark-Casey (justincc) | 2009-09-24 14:54:12 +0100 |
commit | 7870152d23db4cb6f5834d4921fac17feb717220 (patch) | |
tree | ccfd000db77de790908b6480785c78151859886b | |
parent | Merge branch 'master' of ssh://justincc@opensimulator.org/var/git/opensim (diff) | |
download | opensim-SC-7870152d23db4cb6f5834d4921fac17feb717220.zip opensim-SC-7870152d23db4cb6f5834d4921fac17feb717220.tar.gz opensim-SC-7870152d23db4cb6f5834d4921fac17feb717220.tar.bz2 opensim-SC-7870152d23db4cb6f5834d4921fac17feb717220.tar.xz |
Allow load/save iar password checks to be done in grid mode
This should allow load/save iar to work for grid mode as long as the grid user service is later than this revision
Grid services of earlier revisions will always erroneously report incorrect password. This will be addressed shortly.
7 files changed, 166 insertions, 26 deletions
diff --git a/OpenSim/Framework/Communications/IUserService.cs b/OpenSim/Framework/Communications/IUserService.cs index 725225d..15c5a96 100644 --- a/OpenSim/Framework/Communications/IUserService.cs +++ b/OpenSim/Framework/Communications/IUserService.cs | |||
@@ -98,7 +98,7 @@ namespace OpenSim.Framework.Communications | |||
98 | /// <param name="friendlistowner">The agent that who's friends list is being updated</param> | 98 | /// <param name="friendlistowner">The agent that who's friends list is being updated</param> |
99 | /// <param name="friend">The agent that is getting or loosing permissions</param> | 99 | /// <param name="friend">The agent that is getting or loosing permissions</param> |
100 | /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> | 100 | /// <param name="perms">A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects </param> |
101 | void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms); | 101 | void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms); |
102 | 102 | ||
103 | /// <summary> | 103 | /// <summary> |
104 | /// Logs off a user on the user server | 104 | /// Logs off a user on the user server |
@@ -137,9 +137,21 @@ namespace OpenSim.Framework.Communications | |||
137 | // But since Scenes only have IUserService references, I'm placing it here for now. | 137 | // But since Scenes only have IUserService references, I'm placing it here for now. |
138 | bool VerifySession(UUID userID, UUID sessionID); | 138 | bool VerifySession(UUID userID, UUID sessionID); |
139 | 139 | ||
140 | /// <summary> | ||
141 | /// Authenticate a user by their password. | ||
142 | /// </summary> | ||
143 | /// | ||
144 | /// This is used by callers outside the login process that want to | ||
145 | /// verify a user who has given their password. | ||
146 | /// | ||
147 | /// This should probably also be in IAuthentication but is here for the same reasons as VerifySession() is | ||
148 | /// | ||
149 | /// <param name="userID"></param> | ||
150 | /// <param name="password"></param> | ||
151 | /// <returns></returns> | ||
152 | bool AuthenticateUserByPassword(UUID userID, string password); | ||
140 | 153 | ||
141 | // Temporary Hack until we move everything to the new service model | 154 | // Temporary Hack until we move everything to the new service model |
142 | void SetInventoryService(IInventoryService invService); | 155 | void SetInventoryService(IInventoryService invService); |
143 | |||
144 | } | 156 | } |
145 | } | 157 | } |
diff --git a/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs b/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs index ac0dc6d..a757282 100644 --- a/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs +++ b/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs | |||
@@ -149,6 +149,11 @@ namespace OpenSim.Framework.Communications.Tests | |||
149 | { | 149 | { |
150 | throw new NotImplementedException(); | 150 | throw new NotImplementedException(); |
151 | } | 151 | } |
152 | |||
153 | public virtual bool AuthenticateUserByPassword(UUID userID, string password) | ||
154 | { | ||
155 | throw new NotImplementedException(); | ||
156 | } | ||
152 | } | 157 | } |
153 | } | 158 | } |
154 | } | 159 | } |
diff --git a/OpenSim/Framework/Communications/UserManagerBase.cs b/OpenSim/Framework/Communications/UserManagerBase.cs index 58174a0..1abd733 100644 --- a/OpenSim/Framework/Communications/UserManagerBase.cs +++ b/OpenSim/Framework/Communications/UserManagerBase.cs | |||
@@ -44,7 +44,8 @@ namespace OpenSim.Framework.Communications | |||
44 | /// <summary> | 44 | /// <summary> |
45 | /// Base class for user management (create, read, etc) | 45 | /// Base class for user management (create, read, etc) |
46 | /// </summary> | 46 | /// </summary> |
47 | public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication | 47 | public abstract class UserManagerBase |
48 | : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication | ||
48 | { | 49 | { |
49 | private static readonly ILog m_log | 50 | private static readonly ILog m_log |
50 | = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); | 51 | = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); |
@@ -93,9 +94,9 @@ namespace OpenSim.Framework.Communications | |||
93 | public void AddPlugin(string provider, string connect) | 94 | public void AddPlugin(string provider, string connect) |
94 | { | 95 | { |
95 | m_plugins.AddRange(DataPluginFactory.LoadDataPlugins<IUserDataPlugin>(provider, connect)); | 96 | m_plugins.AddRange(DataPluginFactory.LoadDataPlugins<IUserDataPlugin>(provider, connect)); |
96 | } | 97 | } |
97 | 98 | ||
98 | #region UserProfile | 99 | #region UserProfile |
99 | 100 | ||
100 | public virtual void AddTemporaryUserProfile(UserProfileData userProfile) | 101 | public virtual void AddTemporaryUserProfile(UserProfileData userProfile) |
101 | { | 102 | { |
@@ -891,7 +892,10 @@ namespace OpenSim.Framework.Communications | |||
891 | 892 | ||
892 | if (userProfile != null && userProfile.CurrentAgent != null) | 893 | if (userProfile != null && userProfile.CurrentAgent != null) |
893 | { | 894 | { |
894 | m_log.DebugFormat("[USER AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID); | 895 | m_log.DebugFormat( |
896 | "[USER AUTH]: Verifying session {0} for {1}; current session {2}", | ||
897 | sessionID, userID, userProfile.CurrentAgent.SessionID); | ||
898 | |||
895 | if (userProfile.CurrentAgent.SessionID == sessionID) | 899 | if (userProfile.CurrentAgent.SessionID == sessionID) |
896 | { | 900 | { |
897 | return true; | 901 | return true; |
@@ -901,6 +905,26 @@ namespace OpenSim.Framework.Communications | |||
901 | return false; | 905 | return false; |
902 | } | 906 | } |
903 | 907 | ||
908 | public virtual bool AuthenticateUserByPassword(UUID userID, string password) | ||
909 | { | ||
910 | // m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password); | ||
911 | |||
912 | UserProfileData userProfile = GetUserProfile(userID); | ||
913 | |||
914 | if (null == userProfile) | ||
915 | return false; | ||
916 | |||
917 | string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt); | ||
918 | |||
919 | // m_log.DebugFormat( | ||
920 | // "[USER AUTH]: Submitted hash {0}, stored hash {1}", md5PasswordHash, userProfile.PasswordHash); | ||
921 | |||
922 | if (md5PasswordHash == userProfile.PasswordHash) | ||
923 | return true; | ||
924 | else | ||
925 | return false; | ||
926 | } | ||
927 | |||
904 | #endregion | 928 | #endregion |
905 | } | 929 | } |
906 | } | 930 | } |
diff --git a/OpenSim/Grid/UserServer.Modules/UserManager.cs b/OpenSim/Grid/UserServer.Modules/UserManager.cs index 002f232..bc19ac8 100644 --- a/OpenSim/Grid/UserServer.Modules/UserManager.cs +++ b/OpenSim/Grid/UserServer.Modules/UserManager.cs | |||
@@ -108,6 +108,9 @@ namespace OpenSim.Grid.UserServer.Modules | |||
108 | m_httpServer.AddXmlRPCHandler("get_user_by_uuid", XmlRPCGetUserMethodUUID); | 108 | m_httpServer.AddXmlRPCHandler("get_user_by_uuid", XmlRPCGetUserMethodUUID); |
109 | m_httpServer.AddXmlRPCHandler("get_avatar_picker_avatar", XmlRPCGetAvatarPickerAvatar); | 109 | m_httpServer.AddXmlRPCHandler("get_avatar_picker_avatar", XmlRPCGetAvatarPickerAvatar); |
110 | 110 | ||
111 | // Used by IAR module to do password checks | ||
112 | //m_httpServer.AddXmlRPCHandler("authenticate_user_by_password", XmlRPCAuthenticateUserMethodPassword); | ||
113 | |||
111 | m_httpServer.AddXmlRPCHandler("update_user_current_region", XmlRPCAtRegion); | 114 | m_httpServer.AddXmlRPCHandler("update_user_current_region", XmlRPCAtRegion); |
112 | m_httpServer.AddXmlRPCHandler("logout_of_simulator", XmlRPCLogOffUserMethodUUID); | 115 | m_httpServer.AddXmlRPCHandler("logout_of_simulator", XmlRPCLogOffUserMethodUUID); |
113 | m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", XmlRPCGetAgentMethodUUID); | 116 | m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", XmlRPCGetAgentMethodUUID); |
@@ -203,6 +206,57 @@ namespace OpenSim.Grid.UserServer.Modules | |||
203 | 206 | ||
204 | #region XMLRPC User Methods | 207 | #region XMLRPC User Methods |
205 | 208 | ||
209 | /// <summary> | ||
210 | /// Authenticate a user using their password | ||
211 | /// </summary> | ||
212 | /// <param name="request">Must contain values for "user_uuid" and "password" keys</param> | ||
213 | /// <param name="remoteClient"></param> | ||
214 | /// <returns></returns> | ||
215 | public XmlRpcResponse XmlRPCAuthenticateUserMethodPassword(XmlRpcRequest request, IPEndPoint remoteClient) | ||
216 | { | ||
217 | // m_log.DebugFormat("[USER MANAGER]: Received authenticated user by password request from {0}", remoteClient); | ||
218 | |||
219 | Hashtable requestData = (Hashtable)request.Params[0]; | ||
220 | string userUuidRaw = (string)requestData["user_uuid"]; | ||
221 | string password = (string)requestData["password"]; | ||
222 | |||
223 | if (null == userUuidRaw) | ||
224 | return Util.CreateUnknownUserErrorResponse(); | ||
225 | |||
226 | UUID userUuid; | ||
227 | if (!UUID.TryParse(userUuidRaw, out userUuid)) | ||
228 | return Util.CreateUnknownUserErrorResponse(); | ||
229 | |||
230 | UserProfileData userProfile = m_userDataBaseService.GetUserProfile(userUuid); | ||
231 | if (null == userProfile) | ||
232 | return Util.CreateUnknownUserErrorResponse(); | ||
233 | |||
234 | string authed; | ||
235 | |||
236 | if (null == password) | ||
237 | { | ||
238 | authed = "FALSE"; | ||
239 | } | ||
240 | else | ||
241 | { | ||
242 | if (m_userDataBaseService.AuthenticateUserByPassword(userUuid, password)) | ||
243 | authed = "TRUE"; | ||
244 | else | ||
245 | authed = "FALSE"; | ||
246 | } | ||
247 | |||
248 | // m_log.DebugFormat( | ||
249 | // "[USER MANAGER]: Authentication by password result from {0} for {1} is {2}", | ||
250 | // remoteClient, userUuid, authed); | ||
251 | |||
252 | XmlRpcResponse response = new XmlRpcResponse(); | ||
253 | Hashtable responseData = new Hashtable(); | ||
254 | responseData["auth_user"] = authed; | ||
255 | response.Value = responseData; | ||
256 | |||
257 | return response; | ||
258 | } | ||
259 | |||
206 | public XmlRpcResponse XmlRPCGetAvatarPickerAvatar(XmlRpcRequest request, IPEndPoint remoteClient) | 260 | public XmlRpcResponse XmlRPCGetAvatarPickerAvatar(XmlRpcRequest request, IPEndPoint remoteClient) |
207 | { | 261 | { |
208 | // XmlRpcResponse response = new XmlRpcResponse(); | 262 | // XmlRpcResponse response = new XmlRpcResponse(); |
@@ -246,10 +300,10 @@ namespace OpenSim.Grid.UserServer.Modules | |||
246 | m_userDataBaseService.CommitAgent(ref userProfile); | 300 | m_userDataBaseService.CommitAgent(ref userProfile); |
247 | //setUserProfile(userProfile); | 301 | //setUserProfile(userProfile); |
248 | 302 | ||
249 | |||
250 | returnstring = "TRUE"; | 303 | returnstring = "TRUE"; |
251 | } | 304 | } |
252 | } | 305 | } |
306 | |||
253 | responseData.Add("returnString", returnstring); | 307 | responseData.Add("returnString", returnstring); |
254 | response.Value = responseData; | 308 | response.Value = responseData; |
255 | return response; | 309 | return response; |
diff --git a/OpenSim/Region/Communications/Local/LocalUserServices.cs b/OpenSim/Region/Communications/Local/LocalUserServices.cs index af4fb37..d18937e 100644 --- a/OpenSim/Region/Communications/Local/LocalUserServices.cs +++ b/OpenSim/Region/Communications/Local/LocalUserServices.cs | |||
@@ -80,6 +80,21 @@ namespace OpenSim.Region.Communications.Local | |||
80 | throw new Exception("[LOCAL USER SERVICES]: Unknown master user UUID. Possible reason: UserServer is not running."); | 80 | throw new Exception("[LOCAL USER SERVICES]: Unknown master user UUID. Possible reason: UserServer is not running."); |
81 | } | 81 | } |
82 | return data; | 82 | return data; |
83 | } | 83 | } |
84 | |||
85 | public override bool AuthenticateUserByPassword(UUID userID, string password) | ||
86 | { | ||
87 | UserProfileData userProfile = GetUserProfile(userID); | ||
88 | |||
89 | if (null == userProfile) | ||
90 | return false; | ||
91 | |||
92 | string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt); | ||
93 | |||
94 | if (md5PasswordHash == userProfile.PasswordHash) | ||
95 | return true; | ||
96 | else | ||
97 | return false; | ||
98 | } | ||
84 | } | 99 | } |
85 | } | 100 | } \ No newline at end of file |
diff --git a/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs b/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs index dff8305..89b3e42 100644 --- a/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs +++ b/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs | |||
@@ -140,6 +140,47 @@ namespace OpenSim.Region.Communications.OGS1 | |||
140 | { | 140 | { |
141 | m_log.DebugFormat("[OGS1 USER SERVICES]: Verifying user session for " + userID); | 141 | m_log.DebugFormat("[OGS1 USER SERVICES]: Verifying user session for " + userID); |
142 | return AuthClient.VerifySession(GetUserServerURL(userID), userID, sessionID); | 142 | return AuthClient.VerifySession(GetUserServerURL(userID), userID, sessionID); |
143 | } | 143 | } |
144 | |||
145 | public override bool AuthenticateUserByPassword(UUID userID, string password) | ||
146 | { | ||
147 | try | ||
148 | { | ||
149 | Hashtable param = new Hashtable(); | ||
150 | param["user_uuid"] = userID.ToString(); | ||
151 | param["password"] = password; | ||
152 | IList parameters = new ArrayList(); | ||
153 | parameters.Add(param); | ||
154 | XmlRpcRequest req = new XmlRpcRequest("authenticate_user_by_password", parameters); | ||
155 | XmlRpcResponse resp = req.Send(m_commsManager.NetworkServersInfo.UserURL, 30000); | ||
156 | Hashtable respData = (Hashtable)resp.Value; | ||
157 | |||
158 | // foreach (object key in respData.Keys) | ||
159 | // { | ||
160 | // Console.WriteLine("respData {0}, {1}", key, respData[key]); | ||
161 | // } | ||
162 | |||
163 | // m_log.DebugFormat( | ||
164 | // "[OGS1 USER SERVICES]: AuthenticatedUserByPassword response for {0} is [{1}]", | ||
165 | // userID, respData["auth_user"]); | ||
166 | |||
167 | if ((string)respData["auth_user"] == "TRUE") | ||
168 | { | ||
169 | return true; | ||
170 | } | ||
171 | else | ||
172 | { | ||
173 | return false; | ||
174 | } | ||
175 | } | ||
176 | catch (Exception e) | ||
177 | { | ||
178 | m_log.ErrorFormat( | ||
179 | "[OGS1 USER SERVICES]: Error when trying to authenticate user by password from remote user server: {0}", | ||
180 | e); | ||
181 | |||
182 | return false; | ||
183 | } | ||
184 | } | ||
144 | } | 185 | } |
145 | } \ No newline at end of file | 186 | } \ No newline at end of file |
diff --git a/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs b/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs index 196205c..b82b940 100644 --- a/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs +++ b/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs | |||
@@ -322,7 +322,7 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver | |||
322 | /// <param name="pass">User password</param> | 322 | /// <param name="pass">User password</param> |
323 | /// <returns></returns> | 323 | /// <returns></returns> |
324 | protected CachedUserInfo GetUserInfo(string firstName, string lastName, string pass) | 324 | protected CachedUserInfo GetUserInfo(string firstName, string lastName, string pass) |
325 | { | 325 | { |
326 | CachedUserInfo userInfo = m_aScene.CommsManager.UserProfileCacheService.GetUserDetails(firstName, lastName); | 326 | CachedUserInfo userInfo = m_aScene.CommsManager.UserProfileCacheService.GetUserDetails(firstName, lastName); |
327 | //m_aScene.CommsManager.UserService.GetUserProfile(firstName, lastName); | 327 | //m_aScene.CommsManager.UserService.GetUserProfile(firstName, lastName); |
328 | if (null == userInfo) | 328 | if (null == userInfo) |
@@ -333,29 +333,18 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver | |||
333 | return null; | 333 | return null; |
334 | } | 334 | } |
335 | 335 | ||
336 | string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(pass) + ":" + userInfo.UserProfile.PasswordSalt); | 336 | if (m_aScene.CommsManager.UserService.AuthenticateUserByPassword(userInfo.UserProfile.ID, pass)) |
337 | |||
338 | if (userInfo.UserProfile.PasswordHash == null || userInfo.UserProfile.PasswordHash == String.Empty) | ||
339 | { | 337 | { |
340 | m_log.ErrorFormat( | 338 | return userInfo; |
341 | "[INVENTORY ARCHIVER]: Sorry, the grid mode service is not providing password hash details for the check. This will be fixed in an OpenSim git revision soon"); | ||
342 | |||
343 | return null; | ||
344 | } | 339 | } |
345 | 340 | else | |
346 | // m_log.DebugFormat( | ||
347 | // "[INVENTORY ARCHIVER]: received salt {0}, hash {1}, supplied hash {2}", | ||
348 | // userInfo.UserProfile.PasswordSalt, userInfo.UserProfile.PasswordHash, md5PasswdHash); | ||
349 | |||
350 | if (userInfo.UserProfile.PasswordHash != md5PasswdHash) | ||
351 | { | 341 | { |
352 | m_log.ErrorFormat( | 342 | m_log.ErrorFormat( |
353 | "[INVENTORY ARCHIVER]: Password for user {0} {1} incorrect. Please try again.", | 343 | "[INVENTORY ARCHIVER]: Password for user {0} {1} incorrect. Please try again.", |
354 | firstName, lastName); | 344 | firstName, lastName); |
345 | |||
355 | return null; | 346 | return null; |
356 | } | 347 | } |
357 | |||
358 | return userInfo; | ||
359 | } | 348 | } |
360 | 349 | ||
361 | /// <summary> | 350 | /// <summary> |