authoronefang2019-09-11 16:36:50 +1000
committeronefang2019-09-11 16:36:50 +1000
commit50cd1ffd32f69228e566f2b0b89f86ea0d9fe489 (patch)
tree52f2ab0c04f1a5d7d6ac5dc872981b4b156447e7 /OpenSim/Services/AuthenticationService
parentRenamed branch to SledjChisl. (diff)
parentBump to release flavour, build 0. (diff)
Merge branch 'SledjChisl'
Diffstat (limited to 'OpenSim/Services/AuthenticationService')
-rw-r--r--OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs15
-rw-r--r--OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs98
-rw-r--r--OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs10
-rw-r--r--OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs15
-rw-r--r--OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs23
5 files changed, 125 insertions, 36 deletions
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
index 229f557..f66b4e2 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationServiceBase.cs
@@ -30,17 +30,18 @@ using OpenMetaverse;
30using log4net; 30using log4net;
31using Nini.Config; 31using Nini.Config;
32using System.Reflection; 32using System.Reflection;
33using OpenSim.Server.Base;
34using OpenSim.Services.Interfaces;
33using OpenSim.Data; 35using OpenSim.Data;
34using OpenSim.Framework; 36using OpenSim.Framework;
35using OpenSim.Services.Base; 37using OpenSim.Services.Base;
36using OpenSim.Services.Interfaces;
37 38
38namespace OpenSim.Services.AuthenticationService 39namespace OpenSim.Services.AuthenticationService
39{ 40{
40 // Generic Authentication service used for identifying 41 // Generic Authentication service used for identifying
41 // and authenticating principals. 42 // and authenticating principals.
42 // Principals may be clients acting on users' behalf, 43 // Principals may be clients acting on users' behalf,
43 // or any other components that need 44 // or any other components that need
44 // verifiable identification. 45 // verifiable identification.
45 // 46 //
46 public class AuthenticationServiceBase : ServiceBase 47 public class AuthenticationServiceBase : ServiceBase
@@ -48,8 +49,14 @@ namespace OpenSim.Services.AuthenticationService
48 private static readonly ILog m_log = 49 private static readonly ILog m_log =
49 LogManager.GetLogger( 50 LogManager.GetLogger(
50 MethodBase.GetCurrentMethod().DeclaringType); 51 MethodBase.GetCurrentMethod().DeclaringType);
51 52
52 protected IAuthenticationData m_Database; 53 protected IAuthenticationData m_Database;
54 protected IUserAccountService m_UserAccountService = null;
55
56 public AuthenticationServiceBase(IConfigSource config, IUserAccountService acct) : this(config)
57 {
58 m_UserAccountService = acct;
59 }
53 60
54 public AuthenticationServiceBase(IConfigSource config) : base(config) 61 public AuthenticationServiceBase(IConfigSource config) : base(config)
55 { 62 {
@@ -171,7 +178,7 @@ namespace OpenSim.Services.AuthenticationService
171 m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID); 178 m_log.DebugFormat("[AUTHENTICATION DB]: Set authentication info for principalID {0}", info.PrincipalID);
172 return true; 179 return true;
173 } 180 }
174 181
175 protected string GetToken(UUID principalID, int lifetime) 182 protected string GetToken(UUID principalID, int lifetime)
176 { 183 {
177 UUID token = UUID.Random(); 184 UUID token = UUID.Random();
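Review bot: The new two-argument constructor stores `acct` in `m_UserAccountService` with no comment, yet on this page that field decides whether PasswordAuthenticationService can reach its impersonation fallback (with a null service no user record is loaded and the method returns before the fallback). A security-relevant switch like this should be documented where it is declared, for example `// Optional; when non-null, password authentication may fall back to administrator impersonation.` above the field. Deployments that must not allow impersonation then know to construct the service with the config-only overload. The class body continues outside these hunks.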
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 5f1bde1..aef3e9f 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -41,7 +41,7 @@ namespace OpenSim.Services.AuthenticationService
41 // Generic Authentication service used for identifying 41 // Generic Authentication service used for identifying
42 // and authenticating principals. 42 // and authenticating principals.
43 // Principals may be clients acting on users' behalf, 43 // Principals may be clients acting on users' behalf,
44 // or any other components that need 44 // or any other components that need
45 // verifiable identification. 45 // verifiable identification.
46 // 46 //
47 public class PasswordAuthenticationService : 47 public class PasswordAuthenticationService :
@@ -50,7 +50,13 @@ namespace OpenSim.Services.AuthenticationService
50 private static readonly ILog m_log = 50 private static readonly ILog m_log =
51 LogManager.GetLogger( 51 LogManager.GetLogger(
52 MethodBase.GetCurrentMethod().DeclaringType); 52 MethodBase.GetCurrentMethod().DeclaringType);
53 53
54 public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
55 base(config, userService)
56 {
57 m_log.Debug("[AUTH SERVICE]: Started with User Account access");
58 }
59
54 public PasswordAuthenticationService(IConfigSource config) : 60 public PasswordAuthenticationService(IConfigSource config) :
55 base(config) 61 base(config)
56 { 62 {
@@ -58,42 +64,94 @@ namespace OpenSim.Services.AuthenticationService
58 64
59 public string Authenticate(UUID principalID, string password, int lifetime) 65 public string Authenticate(UUID principalID, string password, int lifetime)
60 { 66 {
67 UUID realID;
68 return Authenticate(principalID, password, lifetime, out realID);
69 }
70
71 public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
72 {
73 realID = UUID.Zero;
74
75 m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
61 AuthenticationData data = m_Database.Get(principalID); 76 AuthenticationData data = m_Database.Get(principalID);
77 UserAccount user = null;
78 if (m_UserAccountService != null)
79 user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
62 80
63 if (data == null) 81 if (data == null || data.Data == null)
64 { 82 {
65 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID); 83 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
66 return String.Empty; 84 return String.Empty;
67 } 85 }
68 else if (data.Data == null) 86
87 if (!data.Data.ContainsKey("passwordHash") ||
88 !data.Data.ContainsKey("passwordSalt"))
89 {
90 m_log.DebugFormat("[AUTH SERVICE]: No credentials.");
91 return String.Empty;
92 }
93
94 string hashed = Util.Md5Hash(password + ":" +
95 data.Data["passwordSalt"].ToString());
96
97// m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
98
99 if (data.Data["passwordHash"].ToString() == hashed)
100 {
101 return GetToken(principalID, lifetime);
102 }
103
104 if (user == null)
69 { 105 {
70 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID); 106 m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
71 return String.Empty; 107 return String.Empty;
72 } 108 }
73 else if (!data.Data.ContainsKey("passwordHash") || !data.Data.ContainsKey("passwordSalt")) 109
110 int impersonateFlag = 1 << 6;
111
112 if ((user.UserFlags & impersonateFlag) == 0)
74 { 113 {
75 m_log.DebugFormat( 114 m_log.DebugFormat("[AUTH SERVICE]: Not trying impersonation {0} {1}.", user.UserFlags, impersonateFlag);
76 "[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
77 return String.Empty; 115 return String.Empty;
78 } 116 }
79 else 117
118 m_log.DebugFormat("[PASS AUTH]: Attempting impersonation.");
119
120 List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
121 if (accounts == null || accounts.Count == 0)
122 return String.Empty;
123
124 foreach (UserAccount a in accounts)
80 { 125 {
81 string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString()); 126 data = m_Database.Get(a.PrincipalID);
127 if (data == null || data.Data == null ||
128 !data.Data.ContainsKey("passwordHash") ||
129 !data.Data.ContainsKey("passwordSalt"))
130 {
131 continue;
132 }
133
134// m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
82 135
83 m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString()); 136 hashed = Util.Md5Hash(password + ":" +
137 data.Data["passwordSalt"].ToString());
84 138
85 if (data.Data["passwordHash"].ToString() == hashed) 139 if (data.Data["passwordHash"].ToString() == hashed)
86 { 140 {
141 m_log.InfoFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
142 realID = a.PrincipalID;
87 return GetToken(principalID, lifetime); 143 return GetToken(principalID, lifetime);
88 } 144 }
89 else 145// else
90 { 146// {
91 m_log.DebugFormat( 147// m_log.DebugFormat(
92 "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.", 148// "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",
93 hashed, data.Data["passwordHash"], principalID); 149// hashed, data.Data["passwordHash"], data.PrincipalID);
94 return String.Empty; 150// }
95 }
96 } 151 }
152
153 m_log.InfoFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
154 return String.Empty;
97 } 155 }
98 } 156 }
99} \ No newline at end of file 157}
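Review bot: The impersonation fallback in `Authenticate(..., out UUID realID)` makes a flagged account only as strong as the weakest administrator password. When the password does not match the target account and that account has bit `1 << 6` set in `UserFlags`, the same password is hashed against every account returned for `"UserLevel >= 200"`, and a match on any of them yields a token for `principalID`. Nothing in the visible code makes this opt-in or limits attempts, so I would gate it on a configuration-backed field that defaults to false, e.g. `if (!m_AllowImpersonation) return String.Empty;` before the "Attempting impersonation" log line (the field name is a suggestion, not existing code). I would also have the caller name the administrator so only one credential is checked, and log success and failure at warning level with the administrator's ID. The three-argument overload discards `realID`, so callers on that path cannot record who actually logged in. The salted `Util.Md5Hash` with `==` comparison is carried over from the old code but now also guards administrator credentials on this path, so a slower password hash and a constant-time comparison are worth scheduling.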
diff --git a/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs b/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs
index f25accc..c946b04 100644
--- a/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs
+++ b/OpenSim/Services/AuthenticationService/Properties/AssemblyInfo.cs
@@ -2,7 +2,7 @@
2using System.Runtime.CompilerServices; 2using System.Runtime.CompilerServices;
3using System.Runtime.InteropServices; 3using System.Runtime.InteropServices;
4 4
5// General Information about an assembly is controlled through the following 5// General Information about an assembly is controlled through the following
6// set of attributes. Change these attribute values to modify the information 6// set of attributes. Change these attribute values to modify the information
7// associated with an assembly. 7// associated with an assembly.
8[assembly: AssemblyTitle("OpenSim.Services.AuthenticationService")] 8[assembly: AssemblyTitle("OpenSim.Services.AuthenticationService")]
@@ -14,8 +14,8 @@ using System.Runtime.InteropServices;
14[assembly: AssemblyTrademark("")] 14[assembly: AssemblyTrademark("")]
15[assembly: AssemblyCulture("")] 15[assembly: AssemblyCulture("")]
16 16
17// Setting ComVisible to false makes the types in this assembly not visible 17// Setting ComVisible to false makes the types in this assembly not visible
18// to COM components. If you need to access a type in this assembly from 18// to COM components. If you need to access a type in this assembly from
19// COM, set the ComVisible attribute to true on that type. 19// COM, set the ComVisible attribute to true on that type.
20[assembly: ComVisible(false)] 20[assembly: ComVisible(false)]
21 21
@@ -25,9 +25,9 @@ using System.Runtime.InteropServices;
25// Version information for an assembly consists of the following four values: 25// Version information for an assembly consists of the following four values:
26// 26//
27// Major Version 27// Major Version
28// Minor Version 28// Minor Version
29// Build Number 29// Build Number
30// Revision 30// Revision
31// 31//
32[assembly: AssemblyVersion("0.8.3.*")] 32[assembly: AssemblyVersion(OpenSim.VersionInfo.AssemblyVersionNumber)]
33 33
diff --git a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
index 2344c0e..0bd5b1f 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyAuthenticationService.cs
@@ -40,7 +40,7 @@ namespace OpenSim.Services.AuthenticationService
40 // Generic Authentication service used for identifying 40 // Generic Authentication service used for identifying
41 // and authenticating principals. 41 // and authenticating principals.
42 // Principals may be clients acting on users' behalf, 42 // Principals may be clients acting on users' behalf,
43 // or any other components that need 43 // or any other components that need
44 // verifiable identification. 44 // verifiable identification.
45 // 45 //
46 public class WebkeyAuthenticationService : 46 public class WebkeyAuthenticationService :
@@ -50,11 +50,22 @@ namespace OpenSim.Services.AuthenticationService
50 LogManager.GetLogger( 50 LogManager.GetLogger(
51 MethodBase.GetCurrentMethod().DeclaringType); 51 MethodBase.GetCurrentMethod().DeclaringType);
52 52
53 public WebkeyAuthenticationService(IConfigSource config, IUserAccountService userService) :
54 base(config, userService)
55 {
56 }
57
53 public WebkeyAuthenticationService(IConfigSource config) : 58 public WebkeyAuthenticationService(IConfigSource config) :
54 base(config) 59 base(config)
55 { 60 {
56 } 61 }
57 62
63 public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
64 {
65 realID = UUID.Zero;
66 return Authenticate(principalID, password, lifetime);
67 }
68
58 public string Authenticate(UUID principalID, string password, int lifetime) 69 public string Authenticate(UUID principalID, string password, int lifetime)
59 { 70 {
60 if (new UUID(password) == UUID.Zero) 71 if (new UUID(password) == UUID.Zero)
@@ -68,7 +79,7 @@ namespace OpenSim.Services.AuthenticationService
68 { 79 {
69 if (data.Data.ContainsKey("webLoginKey")) 80 if (data.Data.ContainsKey("webLoginKey"))
70 { 81 {
71 string key = data.Data["webLoginKey"].ToString(); 82 string key = data.Data["webLoginKey"].ToString();
72 if (key == password) 83 if (key == password)
73 { 84 {
74 data.Data["webLoginKey"] = UUID.Zero.ToString(); 85 data.Data["webLoginKey"] = UUID.Zero.ToString();
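Review bot: The added four-argument `Authenticate` overload has no comment saying what `realID` means, and in this class it is always `UUID.Zero`. A short comment would make the contract explicit for callers that audit logins, e.g. `// realID: the administrator account whose password matched during impersonation; UUID.Zero otherwise (always the case for web keys).` The same applies to the four-argument overloads added in PasswordAuthenticationService and WebkeyOrPasswordAuthenticationService. Delegation also runs from the four-argument to the three-argument overload here but the other way round in the password service; one direction across the three classes would be easier to follow.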
diff --git a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
index 2c6cebd..4203c7b 100644
--- a/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/WebkeyOrPasswordAuthenticationService.cs
@@ -43,9 +43,9 @@ namespace OpenSim.Services.AuthenticationService
43 { 43 {
44 private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); 44 private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
45 45
46 private Dictionary<string, IAuthenticationService> m_svcChecks 46 private Dictionary<string, IAuthenticationService> m_svcChecks
47 = new Dictionary<string, IAuthenticationService>(); 47 = new Dictionary<string, IAuthenticationService>();
48 48
49 public WebkeyOrPasswordAuthenticationService(IConfigSource config) 49 public WebkeyOrPasswordAuthenticationService(IConfigSource config)
50 : base(config) 50 : base(config)
51 { 51 {
@@ -55,14 +55,22 @@ namespace OpenSim.Services.AuthenticationService
55 55
56 public string Authenticate(UUID principalID, string password, int lifetime) 56 public string Authenticate(UUID principalID, string password, int lifetime)
57 { 57 {
58 UUID realID;
59
60 return Authenticate(principalID, password, lifetime, out realID);
61 }
62
63 public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
64 {
58 AuthenticationData data = m_Database.Get(principalID); 65 AuthenticationData data = m_Database.Get(principalID);
59 string result = String.Empty; 66 string result = String.Empty;
67 realID = UUID.Zero;
60 if (data != null && data.Data != null) 68 if (data != null && data.Data != null)
61 { 69 {
62 if (data.Data.ContainsKey("webLoginKey")) 70 if (data.Data.ContainsKey("webLoginKey"))
63 { 71 {
64 m_log.DebugFormat("[AUTH SERVICE]: Attempting web key authentication for PrincipalID {0}", principalID); 72 m_log.DebugFormat("[AUTH SERVICE]: Attempting web key authentication for PrincipalID {0}", principalID);
65 result = m_svcChecks["web_login_key"].Authenticate(principalID, password, lifetime); 73 result = m_svcChecks["web_login_key"].Authenticate(principalID, password, lifetime, out realID);
66 if (result == String.Empty) 74 if (result == String.Empty)
67 { 75 {
68 m_log.DebugFormat("[AUTH SERVICE]: Web Login failed for PrincipalID {0}", principalID); 76 m_log.DebugFormat("[AUTH SERVICE]: Web Login failed for PrincipalID {0}", principalID);
@@ -71,12 +79,15 @@ namespace OpenSim.Services.AuthenticationService
71 if (result == string.Empty && data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt")) 79 if (result == string.Empty && data.Data.ContainsKey("passwordHash") && data.Data.ContainsKey("passwordSalt"))
72 { 80 {
73 m_log.DebugFormat("[AUTH SERVICE]: Attempting password authentication for PrincipalID {0}", principalID); 81 m_log.DebugFormat("[AUTH SERVICE]: Attempting password authentication for PrincipalID {0}", principalID);
74 result = m_svcChecks["password"].Authenticate(principalID, password, lifetime); 82 result = m_svcChecks["password"].Authenticate(principalID, password, lifetime, out realID);
75 if (result == String.Empty) 83 if (result == String.Empty)
76 { 84 {
77 m_log.DebugFormat("[AUTH SERVICE]: Password login failed for PrincipalID {0}", principalID); 85 m_log.DebugFormat("[AUTH SERVICE]: Password login failed for PrincipalID {0}", principalID);
78 } 86 }
79 } 87 }
88
89
90
80 if (result == string.Empty) 91 if (result == string.Empty)
81 { 92 {
82 m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based authentication failed for PrincipalID {0}", principalID); 93 m_log.DebugFormat("[AUTH SERVICE]: Both password and webLoginKey-based authentication failed for PrincipalID {0}", principalID);
@@ -86,7 +97,9 @@ namespace OpenSim.Services.AuthenticationService
86 { 97 {
87 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID); 98 m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
88 } 99 }
100
101
89 return result; 102 return result;
90 } 103 }
91 } 104 }
92} \ No newline at end of file 105}
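Review bot: Passing `out realID` through to `m_svcChecks["password"]` only yields a non-zero value if that PasswordAuthenticationService was built with a user account service, and no hunk in this file touches the constructor. The constructor body is outside the visible hunks, so this is inferred: if it still creates the password service with the config-only constructor, `m_UserAccountService` stays null there and `realID` is always `UUID.Zero` on this path. A comment at the `m_svcChecks` setup should state whether impersonation is meant to be reachable through this combined service, e.g. `// Password check is built without a user account service, so impersonation is not available here.` if that is the intent.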