From 212a538557d3650a2e718fcc5efa9af3563b4b4c Mon Sep 17 00:00:00 2001
From: John Hurliman
Date: Tue, 15 Jun 2010 17:46:36 -0700
Subject: * Support salted and unsalted password hashes in
 SimianAuthenticationServiceConnector

---
 .../SimianAuthenticationServiceConnector.cs        | 53 +++++++++++++++++++---
 1 file changed, 46 insertions(+), 7 deletions(-)

(limited to 'OpenSim/Services/Connectors')

diff --git a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
index de3ee4e..3c784f2 100644
--- a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
+++ b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
@@ -114,10 +114,9 @@ namespace OpenSim.Services.Connectors.SimianGrid
                     {
                         if (identity["Type"].AsString() == "md5hash")
                         {
-                            string credential = identity["Credential"].AsString();
-
-                            if (password == credential || "$1$" + password == credential || "$1$" + Utils.MD5String(password) == credential || Utils.MD5String(password) == credential)
-                                return Authorize(principalID);
+                            string authorizeResult;
+                            if (CheckPassword(principalID, password, identity["Credential"].AsString(), out authorizeResult))
+                                return authorizeResult;
 
                             md5hashFound = true;
                             break;
@@ -125,9 +124,7 @@ namespace OpenSim.Services.Connectors.SimianGrid
                     }
                 }
 
-                if (md5hashFound)
-                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + " using md5hash $1$" + Utils.MD5String(password));
-                else
+                if (!md5hashFound)
                     m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found");
             }
             else
@@ -228,6 +225,48 @@ namespace OpenSim.Services.Connectors.SimianGrid
             return false;
         }
 
+        private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
+        {
+            if (simianGridCredential.Contains(":"))
+            {
+                // Salted version
+                int idx = simianGridCredential.IndexOf(':');
+                string finalhash = simianGridCredential.Substring(0, idx);
+                string salt = simianGridCredential.Substring(idx + 1);
+
+                if (finalhash == Utils.MD5String(password + ":" + salt))
+                {
+                    authorizeResult = Authorize(userID);
+                    return true;
+                }
+                else
+                {
+                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
+                        " using md5hash " + Utils.MD5String(password) + ":" + salt);
+                }
+            }
+            else
+            {
+                // Unsalted version
+                if (password == simianGridCredential ||
+                    "$1$" + password == simianGridCredential ||
+                    "$1$" + Utils.MD5String(password) == simianGridCredential ||
+                    Utils.MD5String(password) == simianGridCredential)
+                {
+                    authorizeResult = Authorize(userID);
+                    return true;
+                }
+                else
+                {
+                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
+                        " using md5hash $1$" + Utils.MD5String(password));
+                }
+            }
+
+            authorizeResult = null;
+            return false;
+        }
+
         private string Authorize(UUID userID)
         {
             NameValueCollection requestArgs = new NameValueCollection
-- 
cgit v1.1