1 files changed, 73 insertions, 18 deletions
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 5f1bde1..9d12d47 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
                LogManager.GetLogger(
                MethodBase.GetCurrentMethod().DeclaringType);
 
+        public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
+                base(config, userService)
+        {
+            m_log.Debug("[AUTH SERVICE]: Started with User Account access");
+        }
        public PasswordAuthenticationService(IConfigSource config) :
                base(config)
        {
@@ -58,42 +64,91 @@ namespace OpenSim.Services.AuthenticationService
        public string Authenticate(UUID principalID, string password, int lifetime)
        {
+            UUID realID;
+            return Authenticate(principalID, password, lifetime, out realID);
+        }
+        public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
+        {
+            realID = UUID.Zero;
+            m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
            AuthenticationData data = m_Database.Get(principalID);
+            UserAccount user = null;
+            if (m_UserAccountService != null)
+                user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
-            if (data == null)
+            if (data == null || data.Data == null)
            {
-                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID);
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
                return String.Empty;
            }
-            else if (data.Data == null)
+            if (!data.Data.ContainsKey("passwordHash") ||
+                !data.Data.ContainsKey("passwordSalt"))
            {
-                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID);
                return String.Empty;
            }
-            else if (!data.Data.ContainsKey("passwordHash") || !data.Data.ContainsKey("passwordSalt"))
+            string hashed = Util.Md5Hash(password + ":" +
+                    data.Data["passwordSalt"].ToString());
+            m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
+            if (data.Data["passwordHash"].ToString() == hashed)
+            {
+                return GetToken(principalID, lifetime);
+            }
+            if (user == null)
            {
-                m_log.DebugFormat(
+                m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
-                    "[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
                return String.Empty;
            }
-            else
+            int impersonateFlag = 1 << 6;
+            if ((user.UserFlags & impersonateFlag) == 0)
+                return String.Empty;
+            m_log.DebugFormat("[PASS AUTH]: Attempting impersonation");
+            List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
+            if (accounts == null || accounts.Count == 0)
+                return String.Empty;
+            foreach (UserAccount a in accounts)
            {
-                string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());
+                data = m_Database.Get(a.PrincipalID);
+                if (data == null || data.Data == null ||
+                    !data.Data.ContainsKey("passwordHash") ||
+                    !data.Data.ContainsKey("passwordSalt"))
+                {
+                    continue;
+                }
+//                m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
-                m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
+                hashed = Util.Md5Hash(password + ":" +
+                        data.Data["passwordSalt"].ToString());
                if (data.Data["passwordHash"].ToString() == hashed)
                {
+                    m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
+                    realID = a.PrincipalID;
                    return GetToken(principalID, lifetime);
                }
-                else
+//                else
-                {
+//                {
-                    m_log.DebugFormat(
+//                    m_log.DebugFormat(
-                        "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}.  Authentication failure.",
+//                        "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}.  Authentication failure.",
-                        hashed, data.Data["passwordHash"], principalID);
+//                        hashed, data.Data["passwordHash"], data.PrincipalID);
-                    return String.Empty;
+//                }
-                }
            }
+            m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
+            return String.Empty;
        }
    }
-}
-\ No newline at end of file
+}

diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 5f1bde1..9d12d47 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -51,6 +51,12 @@ namespace OpenSim.Services.AuthenticationService
51	LogManager.GetLogger(	51	LogManager.GetLogger(
52	MethodBase.GetCurrentMethod().DeclaringType);	52	MethodBase.GetCurrentMethod().DeclaringType);
53		53
		54	public PasswordAuthenticationService(IConfigSource config, IUserAccountService userService) :
		55	base(config, userService)
		56	{
		57	m_log.Debug("[AUTH SERVICE]: Started with User Account access");
		58	}
		59
54	public PasswordAuthenticationService(IConfigSource config) :	60	public PasswordAuthenticationService(IConfigSource config) :
55	base(config)	61	base(config)
56	{	62	{
@@ -58,42 +64,91 @@ namespace OpenSim.Services.AuthenticationService
58		64
59	public string Authenticate(UUID principalID, string password, int lifetime)	65	public string Authenticate(UUID principalID, string password, int lifetime)
60	{	66	{
		67	UUID realID;
		68
		69	return Authenticate(principalID, password, lifetime, out realID);
		70	}
		71
		72	public string Authenticate(UUID principalID, string password, int lifetime, out UUID realID)
		73	{
		74	realID = UUID.Zero;
		75
		76	m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
61	AuthenticationData data = m_Database.Get(principalID);	77	AuthenticationData data = m_Database.Get(principalID);
		78	UserAccount user = null;
		79	if (m_UserAccountService != null)
		80	user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
62		81
63	if (data == null)	82	if (data == null \|\| data.Data == null)
64	{	83	{
65	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID);	84	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
66	return String.Empty;	85	return String.Empty;
67	}	86	}
68	else if (data.Data == null)	87
		88	if (!data.Data.ContainsKey("passwordHash") \|\|
		89	!data.Data.ContainsKey("passwordSalt"))
69	{	90	{
70	m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID);
71	return String.Empty;	91	return String.Empty;
72	}	92	}
73	else if (!data.Data.ContainsKey("passwordHash") \|\| !data.Data.ContainsKey("passwordSalt"))	93
		94	string hashed = Util.Md5Hash(password + ":" +
		95	data.Data["passwordSalt"].ToString());
		96
		97	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
		98
		99	if (data.Data["passwordHash"].ToString() == hashed)
		100	{
		101	return GetToken(principalID, lifetime);
		102	}
		103
		104	if (user == null)
74	{	105	{
75	m_log.DebugFormat(	106	m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
76	"[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
77	return String.Empty;	107	return String.Empty;
78	}	108	}
79	else	109
		110	int impersonateFlag = 1 << 6;
		111
		112	if ((user.UserFlags & impersonateFlag) == 0)
		113	return String.Empty;
		114
		115	m_log.DebugFormat("[PASS AUTH]: Attempting impersonation");
		116
		117	List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
		118	if (accounts == null \|\| accounts.Count == 0)
		119	return String.Empty;
		120
		121	foreach (UserAccount a in accounts)
80	{	122	{
81	string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());	123	data = m_Database.Get(a.PrincipalID);
		124	if (data == null \|\| data.Data == null \|\|
		125	!data.Data.ContainsKey("passwordHash") \|\|
		126	!data.Data.ContainsKey("passwordSalt"))
		127	{
		128	continue;
		129	}
		130
		131	// m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
82		132
83	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());	133	hashed = Util.Md5Hash(password + ":" +
		134	data.Data["passwordSalt"].ToString());
84		135
85	if (data.Data["passwordHash"].ToString() == hashed)	136	if (data.Data["passwordHash"].ToString() == hashed)
86	{	137	{
		138	m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
		139	realID = a.PrincipalID;
87	return GetToken(principalID, lifetime);	140	return GetToken(principalID, lifetime);
88	}	141	}
89	else	142	// else
90	{	143	// {
91	m_log.DebugFormat(	144	// m_log.DebugFormat(
92	"[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",	145	// "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",
93	hashed, data.Data["passwordHash"], principalID);	146	// hashed, data.Data["passwordHash"], data.PrincipalID);
94	return String.Empty;	147	// }
95	}
96	}	148	}
		149
		150	m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
		151	return String.Empty;
97	}	152	}
98	}	153	}
99	} \ No newline at end of file	154	}