diff options
-rw-r--r-- | OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs | 53 |
1 files changed, 51 insertions, 2 deletions
diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs index 2e8ffe5..a9359f3 100644 --- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs +++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs | |||
@@ -72,8 +72,11 @@ namespace OpenSim.Services.AuthenticationService | |||
72 | { | 72 | { |
73 | realID = UUID.Zero; | 73 | realID = UUID.Zero; |
74 | 74 | ||
75 | m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}", principalID); | 75 | m_log.DebugFormat("[AUTH SERVICE]: Authenticating for {0}, user account service present: {1}", principalID, m_UserAccountService != null); |
76 | AuthenticationData data = m_Database.Get(principalID); | 76 | AuthenticationData data = m_Database.Get(principalID); |
77 | UserAccount user = null; | ||
78 | if (m_UserAccountService != null) | ||
79 | user = m_UserAccountService.GetUserAccount(UUID.Zero, principalID); | ||
77 | 80 | ||
78 | if (data == null || data.Data == null) | 81 | if (data == null || data.Data == null) |
79 | { | 82 | { |
@@ -97,7 +100,53 @@ namespace OpenSim.Services.AuthenticationService | |||
97 | return GetToken(principalID, lifetime); | 100 | return GetToken(principalID, lifetime); |
98 | } | 101 | } |
99 | 102 | ||
100 | m_log.DebugFormat("[AUTH SERVICE]: Authenticating FAIL for {0} ", principalID); | 103 | if (user == null) |
104 | { | ||
105 | m_log.DebugFormat("[PASS AUTH]: No user record for {0}", principalID); | ||
106 | return String.Empty; | ||
107 | } | ||
108 | |||
109 | int impersonateFlag = 1 << 6; | ||
110 | |||
111 | if ((user.UserFlags & impersonateFlag) == 0) | ||
112 | return String.Empty; | ||
113 | |||
114 | m_log.DebugFormat("[PASS AUTH]: Attempting impersonation"); | ||
115 | |||
116 | List<UserAccount> accounts = m_UserAccountService.GetUserAccountsWhere(UUID.Zero, "UserLevel >= 200"); | ||
117 | if (accounts == null || accounts.Count == 0) | ||
118 | return String.Empty; | ||
119 | |||
120 | foreach (UserAccount a in accounts) | ||
121 | { | ||
122 | data = m_Database.Get(a.PrincipalID); | ||
123 | if (data == null || data.Data == null || | ||
124 | !data.Data.ContainsKey("passwordHash") || | ||
125 | !data.Data.ContainsKey("passwordSalt")) | ||
126 | { | ||
127 | continue; | ||
128 | } | ||
129 | |||
130 | // m_log.DebugFormat("[PASS AUTH]: Trying {0}", data.PrincipalID); | ||
131 | |||
132 | hashed = Util.Md5Hash(password + ":" + | ||
133 | data.Data["passwordSalt"].ToString()); | ||
134 | |||
135 | if (data.Data["passwordHash"].ToString() == hashed) | ||
136 | { | ||
137 | m_log.DebugFormat("[PASS AUTH]: {0} {1} impersonating {2}, proceeding with login", a.FirstName, a.LastName, principalID); | ||
138 | realID = a.PrincipalID; | ||
139 | return GetToken(principalID, lifetime); | ||
140 | } | ||
141 | // else | ||
142 | // { | ||
143 | // m_log.DebugFormat( | ||
144 | // "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}. Authentication failure.", | ||
145 | // hashed, data.Data["passwordHash"], data.PrincipalID); | ||
146 | // } | ||
147 | } | ||
148 | |||
149 | m_log.DebugFormat("[PASS AUTH]: Impersonation of {0} failed", principalID); | ||
101 | return String.Empty; | 150 | return String.Empty; |
102 | } | 151 | } |
103 | } | 152 | } |