aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
-rw-r--r--OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs53
1 files changed, 51 insertions, 2 deletions
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 2e8ffe5..a9359f3 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -72,8 +72,11 @@ namespace OpenSim.Services.AuthenticationService
72 { 72 {
73 realID = UUID.Zero; 73 realID = UUID.Zero;
74 74
75 m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}", principalID); 75 m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null);
76 AuthenticationData data = m_Database.Get(principalID); 76 AuthenticationData data = m_Database.Get(principalID);
77 UserAccount user = null;
78 if (m_UserAccountService != null)
79 user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID);
77 80
78 if (data == null || data.Data == null) 81 if (data == null || data.Data == null)
79 { 82 {
@@ -97,7 +100,53 @@ namespace OpenSim.Services.AuthenticationService
97 return GetToken(principalID, lifetime); 100 return GetToken(principalID, lifetime);
98 } 101 }
99 102
100 m_log.DebugFormat("[AUTH SERVICE]: Authenticating FAIL for {0} ", principalID); 103 if (user == null)
104 {
105 m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID);
106 return String.Empty;
107 }
108
109 int impersonateFlag = 1 << 6;
110
111 if ((user.UserFlags & impersonateFlag) == 0)
112 return String.Empty;
113
114 m_log.DebugFormat("[PASS AUTH]: Attempting impersonation");
115
116 List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200");
117 if (accounts == null || accounts.Count == 0)
118 return String.Empty;
119
120 foreach (UserAccount a in accounts)
121 {
122 data = m_Database.Get(a.PrincipalID);
123 if (data == null || data.Data == null ||
124 !data.Data.ContainsKey("passwordHash") ||
125 !data.Data.ContainsKey("passwordSalt"))
126 {
127 continue;
128 }
129
130// m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID);
131
132 hashed = Util.Md5Hash(password + ":" +
133 data.Data["passwordSalt"].ToString());
134
135 if (data.Data["passwordHash"].ToString() == hashed)
136 {
137 m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID);
138 realID = a.PrincipalID;
139 return GetToken(principalID, lifetime);
140 }
141// else
142// {
143// m_log.DebugFormat(
144// "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.",
145// hashed, data.Data["passwordHash"], data.PrincipalID);
146// }
147 }
148
149 m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID);
101 return String.Empty; 150 return String.Empty;
102 } 151 }
103 } 152 }