diff options
author | John Hurliman | 2010-06-15 17:46:36 -0700 |
---|---|---|
committer | John Hurliman | 2010-06-15 17:46:36 -0700 |
commit | 6c0a372346305f9de07d664aa58019a6cdfd6c63 (patch) | |
tree | 27e25f6e0103f06ab4897af37561512075b1d38c /OpenSim | |
parent | Fixes creation date issue on user accounts. (diff) | |
download | opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.zip opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.gz opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.bz2 opensim-SC_OLD-6c0a372346305f9de07d664aa58019a6cdfd6c63.tar.xz |
* Support salted and unsalted password hashes in SimianAuthenticationServiceConnector
Diffstat (limited to 'OpenSim')
-rw-r--r-- | OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs | 53 |
1 files changed, 46 insertions, 7 deletions
diff --git a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs index de3ee4e..3c784f2 100644 --- a/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs +++ b/OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs | |||
@@ -114,10 +114,9 @@ namespace OpenSim.Services.Connectors.SimianGrid | |||
114 | { | 114 | { |
115 | if (identity["Type"].AsString() == "md5hash") | 115 | if (identity["Type"].AsString() == "md5hash") |
116 | { | 116 | { |
117 | string credential = identity["Credential"].AsString(); | 117 | string authorizeResult; |
118 | 118 | if (CheckPassword(principalID, password, identity["Credential"].AsString(), out authorizeResult)) | |
119 | if (password == credential || "$1$" + password == credential || "$1$" + Utils.MD5String(password) == credential || Utils.MD5String(password) == credential) | 119 | return authorizeResult; |
120 | return Authorize(principalID); | ||
121 | 120 | ||
122 | md5hashFound = true; | 121 | md5hashFound = true; |
123 | break; | 122 | break; |
@@ -125,9 +124,7 @@ namespace OpenSim.Services.Connectors.SimianGrid | |||
125 | } | 124 | } |
126 | } | 125 | } |
127 | 126 | ||
128 | if (md5hashFound) | 127 | if (!md5hashFound) |
129 | m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + " using md5hash $1$" + Utils.MD5String(password)); | ||
130 | else | ||
131 | m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found"); | 128 | m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found"); |
132 | } | 129 | } |
133 | else | 130 | else |
@@ -228,6 +225,48 @@ namespace OpenSim.Services.Connectors.SimianGrid | |||
228 | return false; | 225 | return false; |
229 | } | 226 | } |
230 | 227 | ||
228 | private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult) | ||
229 | { | ||
230 | if (simianGridCredential.Contains(":")) | ||
231 | { | ||
232 | // Salted version | ||
233 | int idx = simianGridCredential.IndexOf(':'); | ||
234 | string finalhash = simianGridCredential.Substring(0, idx); | ||
235 | string salt = simianGridCredential.Substring(idx + 1); | ||
236 | |||
237 | if (finalhash == Utils.MD5String(password + ":" + salt)) | ||
238 | { | ||
239 | authorizeResult = Authorize(userID); | ||
240 | return true; | ||
241 | } | ||
242 | else | ||
243 | { | ||
244 | m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID + | ||
245 | " using md5hash " + Utils.MD5String(password) + ":" + salt); | ||
246 | } | ||
247 | } | ||
248 | else | ||
249 | { | ||
250 | // Unsalted version | ||
251 | if (password == simianGridCredential || | ||
252 | "$1$" + password == simianGridCredential || | ||
253 | "$1$" + Utils.MD5String(password) == simianGridCredential || | ||
254 | Utils.MD5String(password) == simianGridCredential) | ||
255 | { | ||
256 | authorizeResult = Authorize(userID); | ||
257 | return true; | ||
258 | } | ||
259 | else | ||
260 | { | ||
261 | m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID + | ||
262 | " using md5hash $1$" + Utils.MD5String(password)); | ||
263 | } | ||
264 | } | ||
265 | |||
266 | authorizeResult = null; | ||
267 | return false; | ||
268 | } | ||
269 | |||
231 | private string Authorize(UUID userID) | 270 | private string Authorize(UUID userID) |
232 | { | 271 | { |
233 | NameValueCollection requestArgs = new NameValueCollection | 272 | NameValueCollection requestArgs = new NameValueCollection |