Fix the previous commit

author: Melanie Thielker 2016-11-11 17:31:46 +0000
committer: Melanie Thielker 2016-11-19 02:28:31 +0000
commit: 6749c61d4fc064a954807c9f24284542a2159cd2 (patch)
tree: 48755a5e13190998e6d0604581a56ea570f2cbd9 /OpenSim/Services/AuthenticationService
parent: search accout by id not volatil user name (HG) (diff)
download: opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.zip
opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.tar.gz
opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.tar.bz2
opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.tar.xz
1 files changed, 51 insertions, 2 deletions
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 2e8ffe5..a9359f3 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -72,8 +72,11 @@ namespace OpenSim.Services.AuthenticationService
        {
            realID = UUID.Zero;
-            m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}", principalID);
+            m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
            AuthenticationData data = m_Database.Get(principalID);
+            UserAccount user = null;
+            if (m_UserAccountService != null)
+                user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
            if (data == null || data.Data == null)
            {
@@ -97,7 +100,53 @@ namespace OpenSim.Services.AuthenticationService
                return GetToken(principalID, lifetime);
            }
-            m_log.DebugFormat("[AUTH SERVICE]: Authenticating FAIL for {0} ", principalID);
+            if (user == null)
+            {
+                m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
+                return String.Empty;
+            }
+            int impersonateFlag = 1 << 6;
+            if ((user.UserFlags & impersonateFlag) == 0)
+                return String.Empty;
+            m_log.DebugFormat("[PASS AUTH]: Attempting impersonation");
+            List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
+            if (accounts == null || accounts.Count == 0)
+                return String.Empty;
+            foreach (UserAccount a in accounts)
+            {
+                data = m_Database.Get(a.PrincipalID);
+                if (data == null || data.Data == null ||
+                    !data.Data.ContainsKey("passwordHash") ||
+                    !data.Data.ContainsKey("passwordSalt"))
+                {
+                    continue;
+                }
+//                m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
+                hashed = Util.Md5Hash(password + ":" +
+                        data.Data["passwordSalt"].ToString());
+                if (data.Data["passwordHash"].ToString() == hashed)
+                {
+                    m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
+                    realID = a.PrincipalID;
+                    return GetToken(principalID, lifetime);
+                }
+//                else
+//                {
+//                    m_log.DebugFormat(
+//                        "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}.  Authentication failure.",
+//                        hashed, data.Data["passwordHash"], data.PrincipalID);
+//                }
+            }
+            m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
            return String.Empty;
        }
    }
author	Melanie Thielker	2016-11-11 17:31:46 +0000
committer	Melanie Thielker	2016-11-19 02:28:31 +0000
commit	6749c61d4fc064a954807c9f24284542a2159cd2 (patch)
tree	48755a5e13190998e6d0604581a56ea570f2cbd9 /OpenSim/Services/AuthenticationService
parent	search accout by id not volatil user name (HG) (diff)
download	opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.zip opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.tar.gz opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.tar.bz2 opensim-SC_OLD-6749c61d4fc064a954807c9f24284542a2159cd2.tar.xz

diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 2e8ffe5..a9359f3 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -72,8 +72,11 @@ namespace OpenSim.Services.AuthenticationService
72	{	72	{
73	realID = UUID.Zero;	73	realID = UUID.Zero;
74		74
75	m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}", principalID);	75	m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
76	AuthenticationData data = m_Database.Get(principalID);	76	AuthenticationData data = m_Database.Get(principalID);
		77	UserAccount user = null;
		78	if (m_UserAccountService != null)
		79	user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
77		80
78	if (data == null \|\| data.Data == null)	81	if (data == null \|\| data.Data == null)
79	{	82	{
@@ -97,7 +100,53 @@ namespace OpenSim.Services.AuthenticationService
97	return GetToken(principalID, lifetime);	100	return GetToken(principalID, lifetime);
98	}	101	}
99		102
100	m_log.DebugFormat("[AUTH SERVICE]: Authenticating FAIL for {0} ", principalID);	103	if (user == null)
		104	{
		105	m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
		106	return String.Empty;
		107	}
		108
		109	int impersonateFlag = 1 << 6;
		110
		111	if ((user.UserFlags & impersonateFlag) == 0)
		112	return String.Empty;
		113
		114	m_log.DebugFormat("[PASS AUTH]: Attempting impersonation");
		115
		116	List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
		117	if (accounts == null \|\| accounts.Count == 0)
		118	return String.Empty;
		119
		120	foreach (UserAccount a in accounts)
		121	{
		122	data = m_Database.Get(a.PrincipalID);
		123	if (data == null \|\| data.Data == null \|\|
		124	!data.Data.ContainsKey("passwordHash") \|\|
		125	!data.Data.ContainsKey("passwordSalt"))
		126	{
		127	continue;
		128	}
		129
		130	// m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
		131
		132	hashed = Util.Md5Hash(password + ":" +
		133	data.Data["passwordSalt"].ToString());
		134
		135	if (data.Data["passwordHash"].ToString() == hashed)
		136	{
		137	m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
		138	realID = a.PrincipalID;
		139	return GetToken(principalID, lifetime);
		140	}
		141	// else
		142	// {
		143	// m_log.DebugFormat(
		144	// "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",
		145	// hashed, data.Data["passwordHash"], data.PrincipalID);
		146	// }
		147	}
		148
		149	m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
101	return String.Empty;	150	return String.Empty;
102	}	151	}
103	}	152	}