3 files changed, 22 insertions, 19 deletions

diff --git a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
index 6ee98b3..4f03cf4 100644
--- a/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/AuthenticationServerPostHandler.cs
@@ -82,11 +82,11 @@ namespace OpenSim.Server.Handlers.Authentication
                 switch (p[0])
                 {
                 case "plain":
-                    StreamReader sr = new StreamReader(request);
-                    string body = sr.ReadToEnd();
-                    sr.Close();
-
+                    string body;
+                    using(StreamReader sr = new StreamReader(request))
+                        body = sr.ReadToEnd();
                     return DoPlainMethods(body);
+
                 case "crypt":
                     byte[] buffer = new byte[request.Length];
                     long length = request.Length;
@@ -132,41 +132,41 @@ namespace OpenSim.Server.Handlers.Authentication
                 case "authenticate":
                     if (!request.ContainsKey("PASSWORD"))
                         return FailureResult();
-                    
+
                     token = m_AuthenticationService.Authenticate(principalID, request["PASSWORD"].ToString(), lifetime);
-    
+
                     if (token != String.Empty)
                         return SuccessResult(token);
                     return FailureResult();
-    
+
                 case "setpassword":
                     if (!m_AllowSetPassword)
                         return FailureResult();
 
                     if (!request.ContainsKey("PASSWORD"))
                         return FailureResult();
-    
+
                     if (m_AuthenticationService.SetPassword(principalID, request["PASSWORD"].ToString()))
                         return SuccessResult();
                     else
                         return FailureResult();
-    
+
                 case "verify":
                     if (!request.ContainsKey("TOKEN"))
                         return FailureResult();
-                    
+
                     if (m_AuthenticationService.Verify(principalID, request["TOKEN"].ToString(), lifetime))
                         return SuccessResult();
-    
+
                     return FailureResult();
-    
+
                 case "release":
                     if (!request.ContainsKey("TOKEN"))
                         return FailureResult();
-    
+
                     if (m_AuthenticationService.Release(principalID, request["TOKEN"].ToString()))
                         return SuccessResult();
-    
+
                     return FailureResult();
 
                 case "getauthinfo":
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs
index 6464399..ac8ff52 100644
--- a/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs
+++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerConnector.cs
@@ -41,7 +41,7 @@ namespace OpenSim.Server.Handlers.Authentication
         private static readonly ILog m_log =
                 LogManager.GetLogger(
                 MethodBase.GetCurrentMethod().DeclaringType);
- 
+
         private IAuthenticationService m_AuthenticationService;
         private IUserAccountService m_UserAccountService;
         private string m_ConfigName = "OpenIdService";
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
index b201dc7..254b82f 100644
--- a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
@@ -178,14 +178,14 @@ namespace OpenSim.Server.Handlers.Authentication
 ";
 
         /// <summary>Page shown for an invalid OpenID identity</summary>
-        const string INVALID_OPENID_PAGE = 
+        const string INVALID_OPENID_PAGE =
 @"<html><head><title>Identity not found</title></head>
 <body>Invalid OpenID identity</body></html>";
 
         /// <summary>Page shown if the OpenID endpoint is requested directly</summary>
         const string ENDPOINT_PAGE =
 @"<html><head><title>OpenID Endpoint</title></head><body>
-This is an OpenID server endpoint, not a human-readable resource. 
+This is an OpenID server endpoint, not a human-readable resource.
 For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
 </body></html>";
 
@@ -222,7 +222,10 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
 
             try
             {
-                NameValueCollection postQuery = HttpUtility.ParseQueryString(new StreamReader(httpRequest.InputStream).ReadToEnd());
+                string forPost;
+                using(StreamReader sr = new StreamReader(httpRequest.InputStream))
+                    forPost = sr.ReadToEnd();
+                NameValueCollection postQuery = HttpUtility.ParseQueryString(forPost);
                 NameValueCollection getQuery = HttpUtility.ParseQueryString(httpRequest.Url.Query);
                 NameValueCollection openIdQuery = (postQuery.GetValues("openid.mode") != null ? postQuery : getQuery);
 
@@ -241,7 +244,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
                             // Check for form POST data
                             if (passwordValues != null && passwordValues.Length == 1)
                             {
-                                if (account != null && 
+                                if (account != null &&
                                     (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty))
                                     authRequest.IsAuthenticated = true;
                                 else