From 7870152d23db4cb6f5834d4921fac17feb717220 Mon Sep 17 00:00:00 2001
From: Justin Clark-Casey (justincc)
Date: Thu, 24 Sep 2009 14:54:12 +0100
Subject: Allow load/save iar password checks to be done in grid mode This
should allow load/save iar to work for grid mode as long as the grid user
service is later than this revision Grid services of earlier revisions will
always erroneously report incorrect password. This will be addressed
shortly.
---
OpenSim/Framework/Communications/IUserService.cs | 16 ++++++-
.../Communications/Tests/Cache/AssetCacheTests.cs | 5 ++
.../Framework/Communications/UserManagerBase.cs | 32 +++++++++++--
OpenSim/Grid/UserServer.Modules/UserManager.cs | 56 +++++++++++++++++++++-
.../Communications/Local/LocalUserServices.cs | 19 +++++++-
.../Region/Communications/OGS1/OGS1UserServices.cs | 43 ++++++++++++++++-
.../Inventory/Archiver/InventoryArchiverModule.cs | 21 ++------
7 files changed, 166 insertions(+), 26 deletions(-)
diff --git a/OpenSim/Framework/Communications/IUserService.cs b/OpenSim/Framework/Communications/IUserService.cs
index 725225d..15c5a96 100644
--- a/OpenSim/Framework/Communications/IUserService.cs
+++ b/OpenSim/Framework/Communications/IUserService.cs
@@ -98,7 +98,7 @@ namespace OpenSim.Framework.Communications
/// The agent that who's friends list is being updated
/// The agent that is getting or loosing permissions
/// A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects
- void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms);
+ void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms);
///
/// Logs off a user on the user server
@@ -137,9 +137,21 @@ namespace OpenSim.Framework.Communications
// But since Scenes only have IUserService references, I'm placing it here for now.
bool VerifySession(UUID userID, UUID sessionID);
+ ///
+ /// Authenticate a user by their password.
+ ///
+ ///
+ /// This is used by callers outside the login process that want to
+ /// verify a user who has given their password.
+ ///
+ /// This should probably also be in IAuthentication but is here for the same reasons as VerifySession() is
+ ///
+ ///
+ ///
+ ///
+ bool AuthenticateUserByPassword(UUID userID, string password);
// Temporary Hack until we move everything to the new service model
void SetInventoryService(IInventoryService invService);
-
}
}
diff --git a/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs b/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs
index ac0dc6d..a757282 100644
--- a/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs
+++ b/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs
@@ -149,6 +149,11 @@ namespace OpenSim.Framework.Communications.Tests
{
throw new NotImplementedException();
}
+
+ public virtual bool AuthenticateUserByPassword(UUID userID, string password)
+ {
+ throw new NotImplementedException();
+ }
}
}
}
diff --git a/OpenSim/Framework/Communications/UserManagerBase.cs b/OpenSim/Framework/Communications/UserManagerBase.cs
index 58174a0..1abd733 100644
--- a/OpenSim/Framework/Communications/UserManagerBase.cs
+++ b/OpenSim/Framework/Communications/UserManagerBase.cs
@@ -44,7 +44,8 @@ namespace OpenSim.Framework.Communications
///
/// Base class for user management (create, read, etc)
///
- public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
+ public abstract class UserManagerBase
+ : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication
{
private static readonly ILog m_log
= LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType);
@@ -93,9 +94,9 @@ namespace OpenSim.Framework.Communications
public void AddPlugin(string provider, string connect)
{
m_plugins.AddRange(DataPluginFactory.LoadDataPlugins(provider, connect));
- }
+ }
- #region UserProfile
+ #region UserProfile
public virtual void AddTemporaryUserProfile(UserProfileData userProfile)
{
@@ -891,7 +892,10 @@ namespace OpenSim.Framework.Communications
if (userProfile != null && userProfile.CurrentAgent != null)
{
- m_log.DebugFormat("[USER AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID);
+ m_log.DebugFormat(
+ "[USER AUTH]: Verifying session {0} for {1}; current session {2}",
+ sessionID, userID, userProfile.CurrentAgent.SessionID);
+
if (userProfile.CurrentAgent.SessionID == sessionID)
{
return true;
@@ -901,6 +905,26 @@ namespace OpenSim.Framework.Communications
return false;
}
+ public virtual bool AuthenticateUserByPassword(UUID userID, string password)
+ {
+// m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password);
+
+ UserProfileData userProfile = GetUserProfile(userID);
+
+ if (null == userProfile)
+ return false;
+
+ string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
+
+// m_log.DebugFormat(
+// "[USER AUTH]: Submitted hash {0}, stored hash {1}", md5PasswordHash, userProfile.PasswordHash);
+
+ if (md5PasswordHash == userProfile.PasswordHash)
+ return true;
+ else
+ return false;
+ }
+
#endregion
}
}
diff --git a/OpenSim/Grid/UserServer.Modules/UserManager.cs b/OpenSim/Grid/UserServer.Modules/UserManager.cs
index 002f232..bc19ac8 100644
--- a/OpenSim/Grid/UserServer.Modules/UserManager.cs
+++ b/OpenSim/Grid/UserServer.Modules/UserManager.cs
@@ -108,6 +108,9 @@ namespace OpenSim.Grid.UserServer.Modules
m_httpServer.AddXmlRPCHandler("get_user_by_uuid", XmlRPCGetUserMethodUUID);
m_httpServer.AddXmlRPCHandler("get_avatar_picker_avatar", XmlRPCGetAvatarPickerAvatar);
+ // Used by IAR module to do password checks
+ //m_httpServer.AddXmlRPCHandler("authenticate_user_by_password", XmlRPCAuthenticateUserMethodPassword);
+
m_httpServer.AddXmlRPCHandler("update_user_current_region", XmlRPCAtRegion);
m_httpServer.AddXmlRPCHandler("logout_of_simulator", XmlRPCLogOffUserMethodUUID);
m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", XmlRPCGetAgentMethodUUID);
@@ -203,6 +206,57 @@ namespace OpenSim.Grid.UserServer.Modules
#region XMLRPC User Methods
+ ///
+ /// Authenticate a user using their password
+ ///
+ /// Must contain values for "user_uuid" and "password" keys
+ ///
+ ///
+ public XmlRpcResponse XmlRPCAuthenticateUserMethodPassword(XmlRpcRequest request, IPEndPoint remoteClient)
+ {
+// m_log.DebugFormat("[USER MANAGER]: Received authenticated user by password request from {0}", remoteClient);
+
+ Hashtable requestData = (Hashtable)request.Params[0];
+ string userUuidRaw = (string)requestData["user_uuid"];
+ string password = (string)requestData["password"];
+
+ if (null == userUuidRaw)
+ return Util.CreateUnknownUserErrorResponse();
+
+ UUID userUuid;
+ if (!UUID.TryParse(userUuidRaw, out userUuid))
+ return Util.CreateUnknownUserErrorResponse();
+
+ UserProfileData userProfile = m_userDataBaseService.GetUserProfile(userUuid);
+ if (null == userProfile)
+ return Util.CreateUnknownUserErrorResponse();
+
+ string authed;
+
+ if (null == password)
+ {
+ authed = "FALSE";
+ }
+ else
+ {
+ if (m_userDataBaseService.AuthenticateUserByPassword(userUuid, password))
+ authed = "TRUE";
+ else
+ authed = "FALSE";
+ }
+
+// m_log.DebugFormat(
+// "[USER MANAGER]: Authentication by password result from {0} for {1} is {2}",
+// remoteClient, userUuid, authed);
+
+ XmlRpcResponse response = new XmlRpcResponse();
+ Hashtable responseData = new Hashtable();
+ responseData["auth_user"] = authed;
+ response.Value = responseData;
+
+ return response;
+ }
+
public XmlRpcResponse XmlRPCGetAvatarPickerAvatar(XmlRpcRequest request, IPEndPoint remoteClient)
{
// XmlRpcResponse response = new XmlRpcResponse();
@@ -246,10 +300,10 @@ namespace OpenSim.Grid.UserServer.Modules
m_userDataBaseService.CommitAgent(ref userProfile);
//setUserProfile(userProfile);
-
returnstring = "TRUE";
}
}
+
responseData.Add("returnString", returnstring);
response.Value = responseData;
return response;
diff --git a/OpenSim/Region/Communications/Local/LocalUserServices.cs b/OpenSim/Region/Communications/Local/LocalUserServices.cs
index af4fb37..d18937e 100644
--- a/OpenSim/Region/Communications/Local/LocalUserServices.cs
+++ b/OpenSim/Region/Communications/Local/LocalUserServices.cs
@@ -80,6 +80,21 @@ namespace OpenSim.Region.Communications.Local
throw new Exception("[LOCAL USER SERVICES]: Unknown master user UUID. Possible reason: UserServer is not running.");
}
return data;
- }
+ }
+
+ public override bool AuthenticateUserByPassword(UUID userID, string password)
+ {
+ UserProfileData userProfile = GetUserProfile(userID);
+
+ if (null == userProfile)
+ return false;
+
+ string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt);
+
+ if (md5PasswordHash == userProfile.PasswordHash)
+ return true;
+ else
+ return false;
+ }
}
-}
+}
\ No newline at end of file
diff --git a/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs b/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs
index dff8305..89b3e42 100644
--- a/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs
+++ b/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs
@@ -140,6 +140,47 @@ namespace OpenSim.Region.Communications.OGS1
{
m_log.DebugFormat("[OGS1 USER SERVICES]: Verifying user session for " + userID);
return AuthClient.VerifySession(GetUserServerURL(userID), userID, sessionID);
- }
+ }
+
+ public override bool AuthenticateUserByPassword(UUID userID, string password)
+ {
+ try
+ {
+ Hashtable param = new Hashtable();
+ param["user_uuid"] = userID.ToString();
+ param["password"] = password;
+ IList parameters = new ArrayList();
+ parameters.Add(param);
+ XmlRpcRequest req = new XmlRpcRequest("authenticate_user_by_password", parameters);
+ XmlRpcResponse resp = req.Send(m_commsManager.NetworkServersInfo.UserURL, 30000);
+ Hashtable respData = (Hashtable)resp.Value;
+
+// foreach (object key in respData.Keys)
+// {
+// Console.WriteLine("respData {0}, {1}", key, respData[key]);
+// }
+
+// m_log.DebugFormat(
+// "[OGS1 USER SERVICES]: AuthenticatedUserByPassword response for {0} is [{1}]",
+// userID, respData["auth_user"]);
+
+ if ((string)respData["auth_user"] == "TRUE")
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+ catch (Exception e)
+ {
+ m_log.ErrorFormat(
+ "[OGS1 USER SERVICES]: Error when trying to authenticate user by password from remote user server: {0}",
+ e);
+
+ return false;
+ }
+ }
}
}
\ No newline at end of file
diff --git a/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs b/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs
index 196205c..b82b940 100644
--- a/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs
+++ b/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs
@@ -322,7 +322,7 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
/// User password
///
protected CachedUserInfo GetUserInfo(string firstName, string lastName, string pass)
- {
+ {
CachedUserInfo userInfo = m_aScene.CommsManager.UserProfileCacheService.GetUserDetails(firstName, lastName);
//m_aScene.CommsManager.UserService.GetUserProfile(firstName, lastName);
if (null == userInfo)
@@ -333,29 +333,18 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver
return null;
}
- string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(pass) + ":" + userInfo.UserProfile.PasswordSalt);
-
- if (userInfo.UserProfile.PasswordHash == null || userInfo.UserProfile.PasswordHash == String.Empty)
+ if (m_aScene.CommsManager.UserService.AuthenticateUserByPassword(userInfo.UserProfile.ID, pass))
{
- m_log.ErrorFormat(
- "[INVENTORY ARCHIVER]: Sorry, the grid mode service is not providing password hash details for the check. This will be fixed in an OpenSim git revision soon");
-
- return null;
+ return userInfo;
}
-
-// m_log.DebugFormat(
-// "[INVENTORY ARCHIVER]: received salt {0}, hash {1}, supplied hash {2}",
-// userInfo.UserProfile.PasswordSalt, userInfo.UserProfile.PasswordHash, md5PasswdHash);
-
- if (userInfo.UserProfile.PasswordHash != md5PasswdHash)
+ else
{
m_log.ErrorFormat(
"[INVENTORY ARCHIVER]: Password for user {0} {1} incorrect. Please try again.",
firstName, lastName);
+
return null;
}
-
- return userInfo;
}
///
--
cgit v1.1