2 files changed, 70 insertions, 350 deletions
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationService.cs b/OpenSim/Services/AuthenticationService/AuthenticationService.cs
deleted file mode 100644
index b81a004..0000000
--- a/OpenSim/Services/AuthenticationService/AuthenticationService.cs
+++ /dev/null
@@ -1,312 +0,0 @@
-/*
- * Copyright (c) Contributors, http://opensimulator.org/
- * See CONTRIBUTORS.TXT for a full list of copyright holders.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *     * Redistributions of source code must retain the above copyright
- *       notice, this list of conditions and the following disclaimer.
- *     * Redistributions in binary form must reproduce the above copyright
- *       notice, this list of conditions and the following disclaimer in the
- *       documentation and/or other materials provided with the distribution.
- *     * Neither the name of the OpenSimulator Project nor the
- *       names of its contributors may be used to endorse or promote products
- *       derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
- * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
- * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-using System;
-using System.Collections.Generic;
-using System.Reflection;
-using Nini.Config;
-using log4net;
-using OpenSim.Framework;
-using OpenSim.Data;
-using OpenSim.Services.Base;
-using OpenSim.Services.Interfaces;
-using OpenMetaverse;
-namespace OpenSim.Services.AuthenticationService
-{
-    /// <summary>
-    /// Simple authentication service implementation dealing only with users.
-    /// It uses the user DB directly to access user information.
-    /// It takes two config vars:
-    /// - Authenticate = {true|false} : to do or not to do authentication
-    /// - Authority = string like "osgrid.org" : this identity authority
-    ///               that will be called back for identity verification
-    /// </summary>
-    public class HGAuthenticationService : ServiceBase, IAuthenticationService
-    {
-        private static readonly ILog m_log
-            = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
-        protected IUserDataPlugin m_Database;
-        protected string m_AuthorityURL;
-        protected bool m_PerformAuthentication;
-        protected Dictionary<UUID, List<string>> m_UserKeys = new Dictionary<UUID, List<string>>();
-        public HGAuthenticationService(IConfigSource config) : base(config)
-        {
-            string dllName = String.Empty;
-            string connString = String.Empty;
-            //
-            // Try reading the [DatabaseService] section first, if it exists
-            //
-            IConfig dbConfig = config.Configs["DatabaseService"];
-            if (dbConfig != null)
-            {
-                dllName = dbConfig.GetString("StorageProvider", String.Empty);
-                connString = dbConfig.GetString("ConnectionString", String.Empty);
-            }
-            //
-            // Try reading the more specific [InventoryService] section, if it exists
-            //
-            IConfig authConfig = config.Configs["AuthenticationService"];
-            if (authConfig != null)
-            {
-                dllName = authConfig.GetString("StorageProvider", dllName);
-                connString = authConfig.GetString("ConnectionString", connString);
-                m_PerformAuthentication = authConfig.GetBoolean("Authenticate", true);
-                m_AuthorityURL = "http://" + authConfig.GetString("Authority", "localhost");
-                if (!m_AuthorityURL.EndsWith("/"))
-                    m_AuthorityURL += "/";
-            }
-            //
-            // We tried, but this doesn't exist. We can't proceed.
-            //
-            if (dllName.Equals(String.Empty))
-                throw new Exception("No InventoryService configuration");
-            m_Database = LoadPlugin<IUserDataPlugin>(dllName);
-            if (m_Database == null)
-                throw new Exception("Could not find a storage interface in the given module");
-            m_Database.Initialise(connString);
-        } 
-        public UUID AuthenticateKey(UUID principalID, string key)
-        {
-            bool writeAgentData = false;
-            UserAgentData agent = m_Database.GetAgentByUUID(principalID);
-            if (agent == null)
-            {
-                agent = new UserAgentData();
-                agent.ProfileID = principalID;
-                agent.SessionID = UUID.Random();
-                agent.SecureSessionID = UUID.Random();
-                agent.AgentIP = "127.0.0.1";
-                agent.AgentPort = 0;
-                agent.AgentOnline = false;
-                writeAgentData = true;
-            }
-            if (!m_PerformAuthentication)
-            {
-                if (writeAgentData)
-                    m_Database.AddNewUserAgent(agent);
-                return agent.SessionID;
-            }
-            if (!VerifyKey(principalID, key))
-                return UUID.Zero;
-            if (writeAgentData)
-                m_Database.AddNewUserAgent(agent);
-            return agent.SessionID;
-        }
-        /// <summary>
-        /// This implementation only authenticates users.
-        /// </summary>
-        /// <param name="principalID"></param>
-        /// <param name="password"></param>
-        /// <returns></returns>
-        public UUID AuthenticatePassword(UUID principalID, string password)
-        {
-            bool writeAgentData = false;
-            UserAgentData agent = m_Database.GetAgentByUUID(principalID);
-            if (agent == null)
-            {
-                agent = new UserAgentData();
-                agent.ProfileID = principalID;
-                agent.SessionID = UUID.Random();
-                agent.SecureSessionID = UUID.Random();
-                agent.AgentIP = "127.0.0.1";
-                agent.AgentPort = 0;
-                agent.AgentOnline = false;
-                writeAgentData = true;
-            }
-            if (!m_PerformAuthentication)
-            {
-                if (writeAgentData)
-                    m_Database.AddNewUserAgent(agent);
-                return agent.SessionID;
-            }
-            UserProfileData profile = m_Database.GetUserByUUID(principalID);
-            bool passwordSuccess = false;
-            m_log.InfoFormat("[AUTH]: Authenticating {0} {1} ({2})", profile.FirstName, profile.SurName, profile.ID);
-            // we do this to get our hash in a form that the server password code can consume
-            // when the web-login-form submits the password in the clear (supposed to be over SSL!)
-            if (!password.StartsWith("$1$"))
-                password = "$1$" + Util.Md5Hash(password);
-            password = password.Remove(0, 3); //remove $1$
-            string s = Util.Md5Hash(password + ":" + profile.PasswordSalt);
-            // Testing...
-            //m_log.Info("[LOGIN]: SubHash:" + s + " userprofile:" + profile.passwordHash);
-            //m_log.Info("[LOGIN]: userprofile:" + profile.passwordHash + " SubCT:" + password);
-            passwordSuccess = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
-                               || profile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
-            if (!passwordSuccess)
-                return UUID.Zero;
-            if (writeAgentData)
-                m_Database.AddNewUserAgent(agent);
-            return agent.SessionID;
-        }
-        /// <summary>
-        /// This generates authorization keys in the form
-        /// http://authority/uuid
-        /// after verifying that the caller is, indeed, authorized to request a key
-        /// </summary>
-        /// <param name="userID">The principal ID requesting the new key</param>
-        /// <param name="authToken">The original authorization token for that principal, obtained during login</param>
-        /// <returns></returns>
-        public string GetKey(UUID principalID, string authToken)
-        {
-            UserProfileData profile = m_Database.GetUserByUUID(principalID);
-            string newKey = string.Empty;
-            if (profile != null)
-            {
-                m_log.DebugFormat("[AUTH]: stored auth token is {0}. Given token is {1}", profile.WebLoginKey.ToString(), authToken);
-                // I'm overloading webloginkey for this, so that no changes are needed in the DB
-                // The uses of webloginkey are fairly mutually exclusive
-                if (profile.WebLoginKey.ToString().Equals(authToken))
-                {
-                    newKey = UUID.Random().ToString();
-                    List<string> keys;
-                    lock (m_UserKeys)
-                    {
-                        if (m_UserKeys.ContainsKey(principalID))
-                        {
-                            keys = m_UserKeys[principalID];
-                        }
-                        else
-                        {
-                            keys = new List<string>();
-                            m_UserKeys.Add(principalID, keys);
-                        }
-                        keys.Add(newKey);
-                    }
-                    m_log.InfoFormat("[AUTH]: Successfully generated new auth key for {0}", principalID);
-                }
-                else
-                    m_log.Warn("[AUTH]: Unauthorized key generation request. Denying new key.");
-            }
-            else
-                m_log.Warn("[AUTH]: Principal not found.");
-            return m_AuthorityURL + newKey;
-        }
-        /// <summary>
-        /// This verifies the uuid portion of the key given out by GenerateKey
-        /// </summary>
-        /// <param name="userID"></param>
-        /// <param name="key"></param>
-        /// <returns></returns>
-        public bool VerifyKey(UUID userID, string key)
-        {
-            lock (m_UserKeys)
-            {
-                if (m_UserKeys.ContainsKey(userID))
-                {
-                    List<string> keys = m_UserKeys[userID];
-                    if (keys.Contains(key))
-                    {
-                        // Keys are one-time only, so remove it
-                        keys.Remove(key);
-                        return true;
-                    }
-                    return false;
-                }
-                else
-                    return false;
-            }
-        }
-        public UUID CreateUserSession(UUID userID, UUID oldSessionID)
-        {
-            UserAgentData agent = m_Database.GetAgentByUUID(userID);
-            if (agent == null)
-                return UUID.Zero;
-            agent.SessionID = UUID.Random();
-            m_Database.AddNewUserAgent(agent);
-            return agent.SessionID;
-        }
-        public bool VerifyUserSession(UUID userID, UUID sessionID)
-        {
-            UserProfileData userProfile = m_Database.GetUserByUUID(userID);
-            if (userProfile != null && userProfile.CurrentAgent != null)
-            {
-                m_log.DebugFormat("[AUTH]: Verifying session {0} for {1}; current  session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID);
-                if (userProfile.CurrentAgent.SessionID == sessionID)
-                {
-                    return true;
-                }
-            }
-            return false;
-        }
-        public bool DestroyUserSession(UUID userID, UUID sessionID)
-        {
-            if (!VerifyUserSession(userID, sessionID))
-                return false;
-            UserAgentData agent = m_Database.GetAgentByUUID(userID);
-            if (agent == null)
-                return false;
-            agent.SessionID = UUID.Zero;
-            m_Database.AddNewUserAgent(agent);
-            return true;
-        }
-    }
-}
diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs
index 2402414..d473cf8 100644
--- a/OpenSim/Services/Interfaces/IAuthenticationService.cs
+++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs
@@ -38,57 +38,89 @@ namespace OpenSim.Services.Interfaces
    //
    public interface IAuthenticationService
    {
-        //////////////////////////////////////////////////
+        //////////////////////////////////////////////////////
-        // Web login key portion
+        // PKI Zone!
        //
+        // HG2 authentication works by using a cryptographic
-        // Get a service key given that principal's 
+        // exchange.
-        // authentication token (master key). 
+        // This method must provide a public key, the other
+        // crypto methods must understand hoow to deal with
+        // messages encrypted to it.
        //
-        string GetKey(UUID principalID, string authToken);
+        // If the public key is of zero length, you will
+        // get NO encryption and NO security.
-        // Verify that a principal key is valid
+        //
+        // For non-HG installations, this is not relevant
        //
-        bool VerifyKey(UUID principalID, string key);
+        // Implementors who are not using PKI can treat the
+        // cyphertext as a string and provide a zero-length
+        // key. Encryptionless implementations will not
+        // interoperate with implementations using encryption.
+        // If one side uses encryption, both must do so.
+        //
+        byte[] GetPublicKey();
-        //////////////////////////////////////////////////
+        //////////////////////////////////////////////////////
-        // Password auth portion
+        // Authentication
+        //
+        // These methods will return a token, which can be used to access
+        // various services.
+        //
+        // The encrypted versions take the received cyphertext and
+        // the public key of the peer, which the connector must have
+        // obtained using a remote GetPublicKey call.
        //
+        string AuthenticatePassword(UUID principalID, string password);
+        byte[] AuthenticatePasswordEncrypted(byte[] cyphertext, byte[] key);
-        // Here's how thos works, and why.
+        string AuthenticateWebkey(UUID principalID, string webkey);
-        //
+        byte[] AuthenticateWebkeyEncrypted(byte[] cyphertext, byte[] key);
-        // The authentication methods will return the existing session,
-        // or UUID.Zero if authentication failed. If there is no session,
-        // they will create one.
-        // The CreateUserSession method will unconditionally create a session
-        // and invalidate the prior session.
-        // Grid login uses this method to make sure that the session is
-        // fresh and new. Other software, like management applications,
-        // can obtain this existing session if they have a key or password
-        // for that account, this allows external apps to obtain credentials
-        // and use authenticating interface methods.
-        //
-        
-        // Check the pricipal's password
-        //
-        UUID AuthenticatePassword(UUID principalID, string password);
-        // Check the principal's key
+        //////////////////////////////////////////////////////
+        // Verification
        //
-        UUID AuthenticateKey(UUID principalID, string password);
+        // Allows to verify the authenticity of a token
+        //
+        // Tokens expire after 30 minutes and can be refreshed by
+        // re-verifying.
+        //
+        // If encrypted authentication was used, encrypted verification
+        // must be used to refresh. Unencrypted verification is still
+        // performed, but doesn't refresh token lifetime.
+        //
+        bool Verify(UUID principalID, string token);
+        bool VerifyEncrypted(byte[] cyphertext, byte[] key);
-        // Create a new session, invalidating the old ones
+        //////////////////////////////////////////////////////
+        // Teardown
+        //
+        // A token can be returned before the timeout. This
+        // invalidates it and it can not subsequently be used
+        // or refreshed.
+        //
+        // Tokens created by encrypted authentication must
+        // be returned by encrypted release calls;
        //
-        UUID CreateUserSession(UUID principalID, UUID oldSessionID);
+        bool Release(UUID principalID, string token);
+        bool ReleaseEncrypted(byte[] cyphertext, byte[] key);
-        // Verify that a user session ID is valid. A session ID is
+        //////////////////////////////////////////////////////
-        // considered valid when a user has successfully authenticated
+        // Grid
-        // at least one time inside that session.
        //
-        bool VerifyUserSession(UUID principalID, UUID sessionID);
+        // We no longer need a shared secret between grid
+        // servers. Anything a server requests from another
+        // server is either done on behalf of a user, in which
+        // case there is a token, or on behalf of a region,
+        // which has a session. So, no more keys.
+        // If sniffing on the local lan is an issue, admins
+        // need to take approriate action (IPSec is recommended)
+        // to secure inter-server traffic.
-        // Deauthenticate user
+        //////////////////////////////////////////////////////
+        // NOTE
        //
-        bool DestroyUserSession(UUID principalID, UUID sessionID);
+        // Session IDs are not handled here. After obtaining
+        // a token, the session ID regions use can be
+        // obtained from the presence service.
    }
 }

diff --git a/OpenSim/Services/AuthenticationService/AuthenticationService.cs b/OpenSim/Services/AuthenticationService/AuthenticationService.cs deleted file mode 100644 index b81a004..0000000 --- a/OpenSim/Services/AuthenticationService/AuthenticationService.cs +++ /dev/null
@@ -1,312 +0,0 @@
1	/*
2	* Copyright (c) Contributors, http://opensimulator.org/
3	* See CONTRIBUTORS.TXT for a full list of copyright holders.
4	*
5	* Redistribution and use in source and binary forms, with or without
6	* modification, are permitted provided that the following conditions are met:
7	* * Redistributions of source code must retain the above copyright
8	* notice, this list of conditions and the following disclaimer.
9	* * Redistributions in binary form must reproduce the above copyright
10	* notice, this list of conditions and the following disclaimer in the
11	* documentation and/or other materials provided with the distribution.
12	* * Neither the name of the OpenSimulator Project nor the
13	* names of its contributors may be used to endorse or promote products
14	* derived from this software without specific prior written permission.
15	*
16	* THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY
17	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19	* DISCLAIMED. IN NO EVENT SHALL THE CONTRIBUTORS BE LIABLE FOR ANY
20	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
21	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
22	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
23	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
25	* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26	*/
27
28	using System;
29	using System.Collections.Generic;
30	using System.Reflection;
31	using Nini.Config;
32	using log4net;
33	using OpenSim.Framework;
34	using OpenSim.Data;
35	using OpenSim.Services.Base;
36	using OpenSim.Services.Interfaces;
37	using OpenMetaverse;
38
39	namespace OpenSim.Services.AuthenticationService
40	{
41	/// <summary>
42	/// Simple authentication service implementation dealing only with users.
43	/// It uses the user DB directly to access user information.
44	/// It takes two config vars:
45	/// - Authenticate = {true\|false} : to do or not to do authentication
46	/// - Authority = string like "osgrid.org" : this identity authority
47	/// that will be called back for identity verification
48	/// </summary>
49	public class HGAuthenticationService : ServiceBase, IAuthenticationService
50	{
51	private static readonly ILog m_log
52	= LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
53
54	protected IUserDataPlugin m_Database;
55	protected string m_AuthorityURL;
56	protected bool m_PerformAuthentication;
57	protected Dictionary<UUID, List<string>> m_UserKeys = new Dictionary<UUID, List<string>>();
58
59
60	public HGAuthenticationService(IConfigSource config) : base(config)
61	{
62	string dllName = String.Empty;
63	string connString = String.Empty;
64
65	//
66	// Try reading the [DatabaseService] section first, if it exists
67	//
68	IConfig dbConfig = config.Configs["DatabaseService"];
69	if (dbConfig != null)
70	{
71	dllName = dbConfig.GetString("StorageProvider", String.Empty);
72	connString = dbConfig.GetString("ConnectionString", String.Empty);
73	}
74
75	//
76	// Try reading the more specific [InventoryService] section, if it exists
77	//
78	IConfig authConfig = config.Configs["AuthenticationService"];
79	if (authConfig != null)
80	{
81	dllName = authConfig.GetString("StorageProvider", dllName);
82	connString = authConfig.GetString("ConnectionString", connString);
83
84	m_PerformAuthentication = authConfig.GetBoolean("Authenticate", true);
85	m_AuthorityURL = "http://" + authConfig.GetString("Authority", "localhost");
86	if (!m_AuthorityURL.EndsWith("/"))
87	m_AuthorityURL += "/";
88	}
89
90	//
91	// We tried, but this doesn't exist. We can't proceed.
92	//
93	if (dllName.Equals(String.Empty))
94	throw new Exception("No InventoryService configuration");
95
96	m_Database = LoadPlugin<IUserDataPlugin>(dllName);
97	if (m_Database == null)
98	throw new Exception("Could not find a storage interface in the given module");
99
100	m_Database.Initialise(connString);
101	}
102
103	public UUID AuthenticateKey(UUID principalID, string key)
104	{
105	bool writeAgentData = false;
106
107	UserAgentData agent = m_Database.GetAgentByUUID(principalID);
108	if (agent == null)
109	{
110	agent = new UserAgentData();
111	agent.ProfileID = principalID;
112	agent.SessionID = UUID.Random();
113	agent.SecureSessionID = UUID.Random();
114	agent.AgentIP = "127.0.0.1";
115	agent.AgentPort = 0;
116	agent.AgentOnline = false;
117
118	writeAgentData = true;
119	}
120
121	if (!m_PerformAuthentication)
122	{
123	if (writeAgentData)
124	m_Database.AddNewUserAgent(agent);
125	return agent.SessionID;
126	}
127
128	if (!VerifyKey(principalID, key))
129	return UUID.Zero;
130
131	if (writeAgentData)
132	m_Database.AddNewUserAgent(agent);
133
134	return agent.SessionID;
135	}
136
137	/// <summary>
138	/// This implementation only authenticates users.
139	/// </summary>
140	/// <param name="principalID"></param>
141	/// <param name="password"></param>
142	/// <returns></returns>
143	public UUID AuthenticatePassword(UUID principalID, string password)
144	{
145	bool writeAgentData = false;
146
147	UserAgentData agent = m_Database.GetAgentByUUID(principalID);
148	if (agent == null)
149	{
150	agent = new UserAgentData();
151	agent.ProfileID = principalID;
152	agent.SessionID = UUID.Random();
153	agent.SecureSessionID = UUID.Random();
154	agent.AgentIP = "127.0.0.1";
155	agent.AgentPort = 0;
156	agent.AgentOnline = false;
157
158	writeAgentData = true;
159	}
160
161	if (!m_PerformAuthentication)
162	{
163	if (writeAgentData)
164	m_Database.AddNewUserAgent(agent);
165	return agent.SessionID;
166	}
167
168	UserProfileData profile = m_Database.GetUserByUUID(principalID);
169	bool passwordSuccess = false;
170	m_log.InfoFormat("[AUTH]: Authenticating {0} {1} ({2})", profile.FirstName, profile.SurName, profile.ID);
171
172	// we do this to get our hash in a form that the server password code can consume
173	// when the web-login-form submits the password in the clear (supposed to be over SSL!)
174	if (!password.StartsWith("$1$"))
175	password = "$1$" + Util.Md5Hash(password);
176
177	password = password.Remove(0, 3); //remove $1$
178
179	string s = Util.Md5Hash(password + ":" + profile.PasswordSalt);
180	// Testing...
181	//m_log.Info("[LOGIN]: SubHash:" + s + " userprofile:" + profile.passwordHash);
182	//m_log.Info("[LOGIN]: userprofile:" + profile.passwordHash + " SubCT:" + password);
183
184	passwordSuccess = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
185	\|\| profile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
186
187	if (!passwordSuccess)
188	return UUID.Zero;
189
190	if (writeAgentData)
191	m_Database.AddNewUserAgent(agent);
192
193	return agent.SessionID;
194	}
195
196	/// <summary>
197	/// This generates authorization keys in the form
198	/// http://authority/uuid
199	/// after verifying that the caller is, indeed, authorized to request a key
200	/// </summary>
201	/// <param name="userID">The principal ID requesting the new key</param>
202	/// <param name="authToken">The original authorization token for that principal, obtained during login</param>
203	/// <returns></returns>
204	public string GetKey(UUID principalID, string authToken)
205	{
206	UserProfileData profile = m_Database.GetUserByUUID(principalID);
207	string newKey = string.Empty;
208
209	if (profile != null)
210	{
211	m_log.DebugFormat("[AUTH]: stored auth token is {0}. Given token is {1}", profile.WebLoginKey.ToString(), authToken);
212	// I'm overloading webloginkey for this, so that no changes are needed in the DB
213	// The uses of webloginkey are fairly mutually exclusive
214	if (profile.WebLoginKey.ToString().Equals(authToken))
215	{
216	newKey = UUID.Random().ToString();
217	List<string> keys;
218	lock (m_UserKeys)
219	{
220	if (m_UserKeys.ContainsKey(principalID))
221	{
222	keys = m_UserKeys[principalID];
223	}
224	else
225	{
226	keys = new List<string>();
227	m_UserKeys.Add(principalID, keys);
228	}
229	keys.Add(newKey);
230	}
231	m_log.InfoFormat("[AUTH]: Successfully generated new auth key for {0}", principalID);
232	}
233	else
234	m_log.Warn("[AUTH]: Unauthorized key generation request. Denying new key.");
235	}
236	else
237	m_log.Warn("[AUTH]: Principal not found.");
238
239	return m_AuthorityURL + newKey;
240	}
241
242	/// <summary>
243	/// This verifies the uuid portion of the key given out by GenerateKey
244	/// </summary>
245	/// <param name="userID"></param>
246	/// <param name="key"></param>
247	/// <returns></returns>
248	public bool VerifyKey(UUID userID, string key)
249	{
250	lock (m_UserKeys)
251	{
252	if (m_UserKeys.ContainsKey(userID))
253	{
254	List<string> keys = m_UserKeys[userID];
255	if (keys.Contains(key))
256	{
257	// Keys are one-time only, so remove it
258	keys.Remove(key);
259	return true;
260	}
261	return false;
262	}
263	else
264	return false;
265	}
266	}
267
268	public UUID CreateUserSession(UUID userID, UUID oldSessionID)
269	{
270	UserAgentData agent = m_Database.GetAgentByUUID(userID);
271
272	if (agent == null)
273	return UUID.Zero;
274
275	agent.SessionID = UUID.Random();
276
277	m_Database.AddNewUserAgent(agent);
278	return agent.SessionID;
279	}
280
281	public bool VerifyUserSession(UUID userID, UUID sessionID)
282	{
283	UserProfileData userProfile = m_Database.GetUserByUUID(userID);
284
285	if (userProfile != null && userProfile.CurrentAgent != null)
286	{
287	m_log.DebugFormat("[AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID);
288	if (userProfile.CurrentAgent.SessionID == sessionID)
289	{
290	return true;
291	}
292	}
293
294	return false;
295	}
296
297	public bool DestroyUserSession(UUID userID, UUID sessionID)
298	{
299	if (!VerifyUserSession(userID, sessionID))
300	return false;
301
302	UserAgentData agent = m_Database.GetAgentByUUID(userID);
303	if (agent == null)
304	return false;
305
306	agent.SessionID = UUID.Zero;
307	m_Database.AddNewUserAgent(agent);
308
309	return true;
310	}
311	}
312	}


diff --git a/OpenSim/Services/Interfaces/IAuthenticationService.cs b/OpenSim/Services/Interfaces/IAuthenticationService.cs index 2402414..d473cf8 100644 --- a/OpenSim/Services/Interfaces/IAuthenticationService.cs +++ b/OpenSim/Services/Interfaces/IAuthenticationService.cs
@@ -38,57 +38,89 @@ namespace OpenSim.Services.Interfaces
38	//	38	//
39	public interface IAuthenticationService	39	public interface IAuthenticationService
40	{	40	{
41	//////////////////////////////////////////////////	41	//////////////////////////////////////////////////////
42	// Web login key portion	42	// PKI Zone!
43	//	43	//
44		44	// HG2 authentication works by using a cryptographic
45	// Get a service key given that principal's	45	// exchange.
46	// authentication token (master key).	46	// This method must provide a public key, the other
		47	// crypto methods must understand hoow to deal with
		48	// messages encrypted to it.
47	//	49	//
48	string GetKey(UUID principalID, string authToken);	50	// If the public key is of zero length, you will
49		51	// get NO encryption and NO security.
50	// Verify that a principal key is valid	52	//
		53	// For non-HG installations, this is not relevant
51	//	54	//
52	bool VerifyKey(UUID principalID, string key);	55	// Implementors who are not using PKI can treat the
		56	// cyphertext as a string and provide a zero-length
		57	// key. Encryptionless implementations will not
		58	// interoperate with implementations using encryption.
		59	// If one side uses encryption, both must do so.
		60	//
		61	byte[] GetPublicKey();
53		62
54	//////////////////////////////////////////////////	63	//////////////////////////////////////////////////////
55	// Password auth portion	64	// Authentication
		65	//
		66	// These methods will return a token, which can be used to access
		67	// various services.
		68	//
		69	// The encrypted versions take the received cyphertext and
		70	// the public key of the peer, which the connector must have
		71	// obtained using a remote GetPublicKey call.
56	//	72	//
		73	string AuthenticatePassword(UUID principalID, string password);
		74	byte[] AuthenticatePasswordEncrypted(byte[] cyphertext, byte[] key);
57		75
58	// Here's how thos works, and why.	76	string AuthenticateWebkey(UUID principalID, string webkey);
59	//	77	byte[] AuthenticateWebkeyEncrypted(byte[] cyphertext, byte[] key);
60	// The authentication methods will return the existing session,
61	// or UUID.Zero if authentication failed. If there is no session,
62	// they will create one.
63	// The CreateUserSession method will unconditionally create a session
64	// and invalidate the prior session.
65	// Grid login uses this method to make sure that the session is
66	// fresh and new. Other software, like management applications,
67	// can obtain this existing session if they have a key or password
68	// for that account, this allows external apps to obtain credentials
69	// and use authenticating interface methods.
70	//
71
72	// Check the pricipal's password
73	//
74	UUID AuthenticatePassword(UUID principalID, string password);
75		78
76	// Check the principal's key	79	//////////////////////////////////////////////////////
		80	// Verification
77	//	81	//
78	UUID AuthenticateKey(UUID principalID, string password);	82	// Allows to verify the authenticity of a token
		83	//
		84	// Tokens expire after 30 minutes and can be refreshed by
		85	// re-verifying.
		86	//
		87	// If encrypted authentication was used, encrypted verification
		88	// must be used to refresh. Unencrypted verification is still
		89	// performed, but doesn't refresh token lifetime.
		90	//
		91	bool Verify(UUID principalID, string token);
		92	bool VerifyEncrypted(byte[] cyphertext, byte[] key);
79		93
80	// Create a new session, invalidating the old ones	94	//////////////////////////////////////////////////////
		95	// Teardown
		96	//
		97	// A token can be returned before the timeout. This
		98	// invalidates it and it can not subsequently be used
		99	// or refreshed.
		100	//
		101	// Tokens created by encrypted authentication must
		102	// be returned by encrypted release calls;
81	//	103	//
82	UUID CreateUserSession(UUID principalID, UUID oldSessionID);	104	bool Release(UUID principalID, string token);
		105	bool ReleaseEncrypted(byte[] cyphertext, byte[] key);
83		106
84	// Verify that a user session ID is valid. A session ID is	107	//////////////////////////////////////////////////////
85	// considered valid when a user has successfully authenticated	108	// Grid
86	// at least one time inside that session.
87	//	109	//
88	bool VerifyUserSession(UUID principalID, UUID sessionID);	110	// We no longer need a shared secret between grid
		111	// servers. Anything a server requests from another
		112	// server is either done on behalf of a user, in which
		113	// case there is a token, or on behalf of a region,
		114	// which has a session. So, no more keys.
		115	// If sniffing on the local lan is an issue, admins
		116	// need to take approriate action (IPSec is recommended)
		117	// to secure inter-server traffic.
89		118
90	// Deauthenticate user	119	//////////////////////////////////////////////////////
		120	// NOTE
91	//	121	//
92	bool DestroyUserSession(UUID principalID, UUID sessionID);	122	// Session IDs are not handled here. After obtaining
		123	// a token, the session ID regions use can be
		124	// obtained from the presence service.
93	}	125	}
94	}	126	}