* Support salted and unsalted password hashes in SimianAuthenticationServiceConnector

author: John Hurliman 2010-06-15 17:46:36 -0700
committer: John Hurliman 2010-06-15 17:46:36 -0700
commit: 6c0a372346305f9de07d664aa58019a6cdfd6c63 (patch)
tree: 27e25f6e0103f06ab4897af37561512075b1d38c
parent: Fixes creation date issue on user accounts. (diff)
download: opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.zip
opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.gz
opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.bz2
opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.xz
1 files changed, 46 insertions, 7 deletions
diff --git a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
index de3ee4e..3c784f2 100644
--- a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
+++ b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
@@ -114,10 +114,9 @@ namespace OpenSim.Services.Connectors.SimianGrid
                    {
                        if (identity["Type"].AsString() == "md5hash")
                        {
-                            string credential = identity["Credential"].AsString();
+                            string authorizeResult;
+                            if (CheckPassword(principalID, password, identity["Credential"].AsString(), out authorizeResult))
-                            if (password == credential || "$1$" + password == credential || "$1$" + Utils.MD5String(password) == credential || Utils.MD5String(password) == credential)
+                                return authorizeResult;
-                                return Authorize(principalID);
                            md5hashFound = true;
                            break;
@@ -125,9 +124,7 @@ namespace OpenSim.Services.Connectors.SimianGrid
                    }
                }
-                if (md5hashFound)
+                if (!md5hashFound)
-                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + " using md5hash $1$" + Utils.MD5String(password));
-                else
                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found");
            }
            else
@@ -228,6 +225,48 @@ namespace OpenSim.Services.Connectors.SimianGrid
            return false;
        }
+        private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
+        {
+            if (simianGridCredential.Contains(":"))
+            {
+                // Salted version
+                int idx = simianGridCredential.IndexOf(':');
+                string finalhash = simianGridCredential.Substring(0, idx);
+                string salt = simianGridCredential.Substring(idx + 1);
+                if (finalhash == Utils.MD5String(password + ":" + salt))
+                {
+                    authorizeResult = Authorize(userID);
+                    return true;
+                }
+                else
+                {
+                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
+                        " using md5hash " + Utils.MD5String(password) + ":" + salt);
+                }
+            }
+            else
+            {
+                // Unsalted version
+                if (password == simianGridCredential ||
+                    "$1$" + password == simianGridCredential ||
+                    "$1$" + Utils.MD5String(password) == simianGridCredential ||
+                    Utils.MD5String(password) == simianGridCredential)
+                {
+                    authorizeResult = Authorize(userID);
+                    return true;
+                }
+                else
+                {
+                    m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
+                        " using md5hash $1$" + Utils.MD5String(password));
+                }
+            }
+            authorizeResult = null;
+            return false;
+        }
        private string Authorize(UUID userID)
        {
            NameValueCollection requestArgs = new NameValueCollection
author	John Hurliman	2010-06-15 17:46:36 -0700
committer	John Hurliman	2010-06-15 17:46:36 -0700
commit	6c0a372346305f9de07d664aa58019a6cdfd6c63 (patch)
tree	27e25f6e0103f06ab4897af37561512075b1d38c
parent	Fixes creation date issue on user accounts. (diff)
download	opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.zip opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.gz opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.bz2 opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.xz

diff --git a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs index de3ee4e..3c784f2 100644 --- a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs +++ b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
@@ -114,10 +114,9 @@ namespace OpenSim.Services.Connectors.SimianGrid
114	{	114	{
115	if (identity["Type"].AsString() == "md5hash")	115	if (identity["Type"].AsString() == "md5hash")
116	{	116	{
117	string credential = identity["Credential"].AsString();	117	string authorizeResult;
118		118	if (CheckPassword(principalID, password, identity["Credential"].AsString(), out authorizeResult))
119	if (password == credential \|\| "$1$" + password == credential \|\| "$1$" + Utils.MD5String(password) == credential \|\| Utils.MD5String(password) == credential)	119	return authorizeResult;
120	return Authorize(principalID);
121		120
122	md5hashFound = true;	121	md5hashFound = true;
123	break;	122	break;
@@ -125,9 +124,7 @@ namespace OpenSim.Services.Connectors.SimianGrid
125	}	124	}
126	}	125	}
127		126
128	if (md5hashFound)	127	if (!md5hashFound)
129	m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + " using md5hash $1$" + Utils.MD5String(password));
130	else
131	m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found");	128	m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found");
132	}	129	}
133	else	130	else
@@ -228,6 +225,48 @@ namespace OpenSim.Services.Connectors.SimianGrid
228	return false;	225	return false;
229	}	226	}
230		227
		228	private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
		229	{
		230	if (simianGridCredential.Contains(":"))
		231	{
		232	// Salted version
		233	int idx = simianGridCredential.IndexOf(':');
		234	string finalhash = simianGridCredential.Substring(0, idx);
		235	string salt = simianGridCredential.Substring(idx + 1);
		236
		237	if (finalhash == Utils.MD5String(password + ":" + salt))
		238	{
		239	authorizeResult = Authorize(userID);
		240	return true;
		241	}
		242	else
		243	{
		244	m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
		245	" using md5hash " + Utils.MD5String(password) + ":" + salt);
		246	}
		247	}
		248	else
		249	{
		250	// Unsalted version
		251	if (password == simianGridCredential \|\|
		252	"$1$" + password == simianGridCredential \|\|
		253	"$1$" + Utils.MD5String(password) == simianGridCredential \|\|
		254	Utils.MD5String(password) == simianGridCredential)
		255	{
		256	authorizeResult = Authorize(userID);
		257	return true;
		258	}
		259	else
		260	{
		261	m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
		262	" using md5hash $1$" + Utils.MD5String(password));
		263	}
		264	}
		265
		266	authorizeResult = null;
		267	return false;
		268	}
		269
231	private string Authorize(UUID userID)	270	private string Authorize(UUID userID)
232	{	271	{
233	NameValueCollection requestArgs = new NameValueCollection	272	NameValueCollection requestArgs = new NameValueCollection