From 25c32061e4407e9aa2f5f719ed7961d30545208e Mon Sep 17 00:00:00 2001
From: Justin Clark-Casey (justincc)
Date: Fri, 11 Nov 2011 23:45:08 +0000
Subject: Make log messages on authentication failure more explicit

---
 .../PasswordAuthenticationService.cs               | 39 ++++++++++++++--------
 1 file changed, 26 insertions(+), 13 deletions(-)

(limited to 'OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs')

diff --git a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
index 2fc9248..14d96cb 100644
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@@ -60,16 +60,25 @@ namespace OpenSim.Services.AuthenticationService
         {
             AuthenticationData data = m_Database.Get(principalID);
 
-            if (data != null && data.Data != null)
+            if (data == null)
             {
-                if (!data.Data.ContainsKey("passwordHash") ||
-                    !data.Data.ContainsKey("passwordSalt"))
-                {
-                    return String.Empty;
-                }
-
-                string hashed = Util.Md5Hash(password + ":" +
-                        data.Data["passwordSalt"].ToString());
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} not found", principalID);
+                return String.Empty;
+            }
+            else if (data.Data == null)
+            {
+                m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} data not found", principalID);
+                return String.Empty;
+            }
+            else if (!data.Data.ContainsKey("passwordHash") || !data.Data.ContainsKey("passwordSalt"))
+            {
+                m_log.DebugFormat(
+                    "[AUTH SERVICE]: PrincipalID {0} data didn't contain either passwordHash or passwordSalt", principalID);
+                return String.Empty;
+            }
+            else
+            {
+                string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());
 
                 //m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
 
@@ -77,10 +86,14 @@ namespace OpenSim.Services.AuthenticationService
                 {
                     return GetToken(principalID, lifetime);
                 }
+                else
+                {
+                    m_log.DebugFormat(
+                        "[AUTH SERVICE]: Salted hash {0} of given password did not match salted hash of {1} for PrincipalID {2}.  Authentication failure.",
+                        principalID);
+                    return String.Empty;
+                }
             }
-
-            m_log.DebugFormat("[AUTH SERVICE]: PrincipalID {0} or its data not found", principalID);
-            return String.Empty;
         }
     }
-}
+}
\ No newline at end of file
-- 
cgit v1.1