Merge remote-tracking branch 'os/master'

5 files changed, 501 insertions, 0 deletions

diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
new file mode 100644
index 0000000..229f557
--- /dev/null
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using OpenMetaverse;
+using log4net;
+using Nini.Config;
+using System.Reflection;
+using OpenSim.Data;
+using OpenSim.Framework;
+using OpenSim.Services.Base;
+using OpenSim.Services.Interfaces;
+
+namespace OpenSim.Services.AuthenticationService
+{
+    // Generic Authentication service used for identifying
+    // and authenticating principals.
+    // Principals may be clients acting on users' behalf,
+    // or any other components that need 
+    // verifiable identification.
+    //
+    public class AuthenticationServiceBase : ServiceBase
+    {
+        private static readonly ILog m_log =
+                LogManager.GetLogger(
+                MethodBase.GetCurrentMethod().DeclaringType);
+ 
+        protected IAuthenticationData m_Database;
+
+        public AuthenticationServiceBase(IConfigSource config) : base(config)
+        {
+            string dllName = String.Empty;
+            string connString = String.Empty;
+            string realm = "auth";
+
+            //
+            // Try reading the [AuthenticationService] section first, if it exists
+            //
+            IConfig authConfig = config.Configs["AuthenticationService"];
+            if (authConfig != null)
+            {
+                dllName = authConfig.GetString("StorageProvider", dllName);
+                connString = authConfig.GetString("ConnectionString", connString);
+                realm = authConfig.GetString("Realm", realm);
+            }
+
+            //
+            // Try reading the [DatabaseService] section, if it exists
+            //
+            IConfig dbConfig = config.Configs["DatabaseService"];
+            if (dbConfig != null)
+            {
+                if (dllName == String.Empty)
+                    dllName = dbConfig.GetString("StorageProvider", String.Empty);
+                if (connString == String.Empty)
+                    connString = dbConfig.GetString("ConnectionString", String.Empty);
+            }
+
+            //
+            // We tried, but this doesn't exist. We can't proceed.
+            //
+            if (dllName == String.Empty || realm == String.Empty)
+                throw new Exception("No StorageProvider configured");
+
+            m_Database = LoadPlugin<IAuthenticationData>(dllName,
+                    new Object[] {connString, realm});
+            if (m_Database == null)
+                throw new Exception(string.Format("Could not find a storage interface in module {0}", dllName));
+        }
+
+        public bool Verify(UUID principalID, string token, int lifetime)
+        {
+            return m_Database.CheckToken(principalID, token, lifetime);
+        }
+
+        public virtual bool Release(UUID principalID, string token)
+        {
+            return m_Database.CheckToken(principalID, token, 0);
+        }
+
+        public virtual bool SetPassword(UUID principalID, string password)
+        {
+            string passwordSalt = Util.Md5Hash(UUID.Random().ToString());
+            string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + passwordSalt);
+
+            AuthenticationData auth = m_Database.Get(principalID);
+            if (auth == null)
+            {
+                auth = new AuthenticationData();
+                auth.PrincipalID = principalID;
+                auth.Data = new System.Collections.Generic.Dictionary<string, object>();
+                auth.Data["accountType"] = "UserAccount";
+                auth.Data["webLoginKey"] = UUID.Zero.ToString();
+            }
+            auth.Data["passwordHash"] = md5PasswdHash;
+            auth.Data["passwordSalt"] = passwordSalt;
+            if (!m_Database.Store(auth))
+            {
+                m_log.DebugFormat("[AUTHENTICATION DB]: Failed to store authentication data");
+                return false;
+            }
+
+            m_log.InfoFormat("[AUTHENTICATION DB]: Set password for principalID {0}", principalID);
+            return true;
+        }
+
+        public virtual AuthInfo GetAuthInfo(UUID principalID)
+        {
+            AuthenticationData data = m_Database.Get(principalID);
+
+            if (data == null)
+            {
+                return null;
+            }
+            else
+            {
+                AuthInfo info
+                    = new AuthInfo()
+                        {
+                            PrincipalID = data.PrincipalID,
+                            AccountType = data.Data["accountType"] as string,
+                            PasswordHash = data.Data["passwordHash"] as string,
+                            PasswordSalt = data.Data["passwordSalt"] as string,
+                            WebLoginKey = data.Data["webLoginKey"] as string
+                        };
+
+                return info;
+            }
+        }
+
+        public virtual bool SetAuthInfo(AuthInfo info)
+        {
+            AuthenticationData auth = new AuthenticationData();
+            auth.PrincipalID = info.PrincipalID;
+            auth.Data = new System.Collections.Generic.Dictionary<string, object>();
+            auth.Data["accountType"] = info.AccountType;
+            auth.Data["webLoginKey"] = info.WebLoginKey;
+            auth.Data["passwordHash"] = info.PasswordHash;
+            auth.Data["passwordSalt"] = info.PasswordSalt;
+
+            if (!m_Database.Store(auth))
+            {
+                m_log.ErrorFormat("[AUTHENTICATION DB]: Failed to store authentication info.");
+                return false;
+            }
+
+            m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID);
+            return true;
+        }
+        
+        protected string GetToken(UUID principalID, int lifetime)
+        {
+            UUID token = UUID.Random();
+
+            if (m_Database.SetToken(principalID, token.ToString(), lifetime))
+                return token.ToString();
+
+            return String.Empty;
+        }
+
+    }
+}
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
new file mode 100644
index 0000000..5f1bde1
--- /dev/null
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using System.Collections.Generic;
+using OpenMetaverse;
+using OpenSim.Services.Interfaces;
+using log4net;
+using Nini.Config;
+using System.Reflection;
+using OpenSim.Data;
+using OpenSim.Framework;
+using OpenSim.Framework.Console;
+
+namespace OpenSim.Services.AuthenticationService
+{
+    // Generic Authentication service used for identifying
+    // and authenticating principals.
+    // Principals may be clients acting on users' behalf,
+    // or any other components that need 
+    // verifiable identification.
+    //
+    public class PasswordAuthenticationService :
+            AuthenticationServiceBase, IAuthenticationService
+    {
+        private static readonly ILog m_log =
+                LogManager.GetLogger(
+                MethodBase.GetCurrentMethod().DeclaringType);
+ 
+        public PasswordAuthenticationService(IConfigSource config) :
+                base(config)
+        {
+        }
+
+        public string Authenticate(UUID principalID, string password, int lifetime)
+        {
+            AuthenticationData data = m_Database.Get(principalID);
+
+            if (data == null)
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID);
+                return String.Empty;
+            }
+            else if (data.Data == null)
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID);
+                return String.Empty;
+            }
+            else if (!data.Data.ContainsKey("passwordHash") || !data.Data.ContainsKey("passwordSalt"))
+            {
+                m_log.DebugFormat(
+                    "[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
+                return String.Empty;
+            }
+            else
+            {
+                string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());
+
+                m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
+
+                if (data.Data["passwordHash"].ToString() == hashed)
+                {
+                    return GetToken(principalID, lifetime);
+                }
+                else
+                {
+                    m_log.DebugFormat(
+                        "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}.  Authentication failure.",
+                        hashed, data.Data["passwordHash"], principalID);
+                    return String.Empty;
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs b/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..8c63adc
--- /dev/null
+++ b/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs
@@ -0,0 +1,33 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("OpenSim.Services.AuthenticationService")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("http://opensimulator.org")]
+[assembly: AssemblyProduct("OpenSim")]
+[assembly: AssemblyCopyright("Copyright ©  2012")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("74497b6f-8844-4ed4-8f0d-2caf7f42b760")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+[assembly: AssemblyVersion("0.8.2.*")]
+
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
new file mode 100644
index 0000000..2344c0e
--- /dev/null
+++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using OpenMetaverse;
+using OpenSim.Services.Interfaces;
+using log4net;
+using Nini.Config;
+using System.Reflection;
+using OpenSim.Data;
+using OpenSim.Framework;
+using OpenSim.Framework.Console;
+
+namespace OpenSim.Services.AuthenticationService
+{
+    // Generic Authentication service used for identifying
+    // and authenticating principals.
+    // Principals may be clients acting on users' behalf,
+    // or any other components that need 
+    // verifiable identification.
+    //
+    public class WebkeyAuthenticationService :
+            AuthenticationServiceBase, IAuthenticationService
+    {
+        private static readonly ILog m_log =
+                LogManager.GetLogger(
+                MethodBase.GetCurrentMethod().DeclaringType);
+
+        public WebkeyAuthenticationService(IConfigSource config) :
+            base(config)
+        {
+        }
+
+        public string Authenticate(UUID principalID, string password, int lifetime)
+        {
+            if (new UUID(password) == UUID.Zero)
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: UUID.Zero is not a valid web_login_key on PrincipalID {0}", principalID);
+            }
+            else
+            {
+                AuthenticationData data = m_Database.Get(principalID);
+                if (data != null && data.Data != null)
+                {
+                    if (data.Data.ContainsKey("webLoginKey"))
+                    {
+                                                string key = data.Data["webLoginKey"].ToString();
+                        if (key == password)
+                        {
+                            data.Data["webLoginKey"] = UUID.Zero.ToString();
+                            m_Database.Store(data);
+                            return GetToken(principalID, lifetime);
+                        }
+                        else
+                        {
+                            m_log.DebugFormat("[AUTH SERVICE]: web login auth failed, got PrincipalID {0} gave {1} instead of {2}", principalID, password, key);
+                        }
+                    }else{
+                        m_log.DebugFormat("[AUTH SERVICE]: no col webLoginKey in passwd.db");
+                    }
+                }
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
+            }
+            return String.Empty;
+        }
+    }
+}
diff --git a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
new file mode 100644
index 0000000..2c6cebd
--- /dev/null
+++ b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) Contributors, http://opensimulator.org/
+ * See CONTRIBUTORS.TXT for a full list of copyright holders.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *     * Redistributions of source code must retain the above copyright
+ *       notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above copyright
+ *       notice, this list of conditions and the following disclaimer in the
+ *       documentation and/or other materials provided with the distribution.
+ *     * Neither the name of the OpenSimulator Project nor the
+ *       names of its contributors may be used to endorse or promote products
+ *       derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+using System;
+using System.Collections.Generic;
+using OpenMetaverse;
+using OpenSim.Services.Interfaces;
+using log4net;
+using Nini.Config;
+using System.Reflection;
+using OpenSim.Data;
+using OpenSim.Framework;
+using OpenSim.Framework.Console;
+using OpenSim.Server.Base;
+
+namespace OpenSim.Services.AuthenticationService
+{
+    public class WebkeyOrPasswordAuthenticationService : AuthenticationServiceBase, IAuthenticationService
+    {
+        private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
+
+        private Dictionary<string, IAuthenticationService> m_svcChecks 
+            = new Dictionary<string, IAuthenticationService>();
+        
+        public WebkeyOrPasswordAuthenticationService(IConfigSource config)
+            : base(config)
+        {
+            m_svcChecks["web_login_key"] = new WebkeyAuthenticationService(config);
+            m_svcChecks["password"]      = new PasswordAuthenticationService(config);
+        }
+
+        public string Authenticate(UUID principalID, string password, int lifetime)
+        {
+            AuthenticationData data = m_Database.Get(principalID);
+            string result = String.Empty;
+            if (data != null && data.Data != null)
+            {
+                if (data.Data.ContainsKey("webLoginKey"))
+                {
+                    m_log.DebugFormat("[AUTH SERVICE]: Attempting web key authentication for PrincipalID {0}", principalID);
+                    result = m_svcChecks["web_login_key"].Authenticate(principalID, password, lifetime);
+                    if (result == String.Empty)
+                    {
+                        m_log.DebugFormat("[AUTH SERVICE]: Web Login failed for PrincipalID {0}", principalID);
+                    }
+                }
+                if (result == string.Empty && data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt"))
+                {
+                    m_log.DebugFormat("[AUTH SERVICE]: Attempting password authentication for PrincipalID {0}", principalID);
+                    result = m_svcChecks["password"].Authenticate(principalID, password, lifetime);
+                    if (result == String.Empty)
+                    {
+                        m_log.DebugFormat("[AUTH SERVICE]: Password login failed for PrincipalID {0}", principalID);
+                    }
+                }
+                if (result == string.Empty)
+                {
+                    m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based authentication failed for PrincipalID {0}", principalID);
+                }
+            }
+            else
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
+            }
+            return result;
+        }
+    }
+}
\ No newline at end of file