OpenID auth needs hashing before authenticating

author: BlueWall 2012-03-02 15:05:06 -0500
committer: BlueWall 2012-03-02 15:05:06 -0500
commit: d242d47e5cf1274225091e843e065366a3620c14 (patch)
tree: c634f6547a0ba3eb39d7634086daf9fc2a18fd99
parent: Merge branch 'master' into v3_support (diff)
download: opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.zip
opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.tar.gz
opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.tar.bz2
opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.tar.xz
2 files changed, 2 insertions, 2 deletions
diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
index 440b898..dfed761 100644
--- a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
@@ -248,7 +248,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
                            if (passwordValues != null && passwordValues.Length == 1)
                            {
                                if (account != null && 
-                                    (m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty))
+                                    (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty))
                                    authRequest.IsAuthenticated = true;
                                else
                                    authRequest.IsAuthenticated = false;
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 48eb3f8..5f1bde1 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -80,7 +80,7 @@ namespace OpenSim.Services.AuthenticationService
            {
                string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());
-                //m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
+                m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
                if (data.Data["passwordHash"].ToString() == hashed)
                {
author	BlueWall	2012-03-02 15:05:06 -0500
committer	BlueWall	2012-03-02 15:05:06 -0500
commit	d242d47e5cf1274225091e843e065366a3620c14 (patch)
tree	c634f6547a0ba3eb39d7634086daf9fc2a18fd99
parent	Merge branch 'master' into v3_support (diff)
download	opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.zip opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.tar.gz opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.tar.bz2 opensim-SC_OLD-d242d47e5cf1274225091e843e065366a3620c14.tar.xz

diff --git a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs index 440b898..dfed761 100644 --- a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs +++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
@@ -248,7 +248,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
248	if (passwordValues != null && passwordValues.Length == 1)	248	if (passwordValues != null && passwordValues.Length == 1)
249	{	249	{
250	if (account != null &&	250	if (account != null &&
251	(m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty))	251	(m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty))
252	authRequest.IsAuthenticated = true;	252	authRequest.IsAuthenticated = true;
253	else	253	else
254	authRequest.IsAuthenticated = false;	254	authRequest.IsAuthenticated = false;


diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 48eb3f8..5f1bde1 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -80,7 +80,7 @@ namespace OpenSim.Services.AuthenticationService
80	{	80	{
81	string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());	81	string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());
82		82
83	//m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());	83	m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
84		84
85	if (data.Data["passwordHash"].ToString() == hashed)	85	if (data.Data["passwordHash"].ToString() == hashed)
86	{	86	{