From 147c9bcd453fde74c13a83a323a40ec0bb571c01 Mon Sep 17 00:00:00 2001
From: Dahlia Trimble
Date: Sat, 27 Jun 2009 07:49:10 +0000
Subject: Make cleartext authentication case sensitive. Thanks jhurliman for
 spotting this.

---
 OpenSim/Client/Linden/LLStandaloneLoginService.cs               | 2 +-
 OpenSim/Client/MXP/PacketHandler/MXPPacketServer.cs             | 4 ++--
 OpenSim/Framework/Communications/Services/HGLoginAuthService.cs | 2 +-
 OpenSim/Framework/Communications/Services/LoginService.cs       | 4 ++--
 OpenSim/Services/AuthenticationService/AuthenticationService.cs | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

(limited to 'OpenSim')

diff --git a/OpenSim/Client/Linden/LLStandaloneLoginService.cs b/OpenSim/Client/Linden/LLStandaloneLoginService.cs
index 6d8586d..2a13502 100644
--- a/OpenSim/Client/Linden/LLStandaloneLoginService.cs
+++ b/OpenSim/Client/Linden/LLStandaloneLoginService.cs
@@ -119,7 +119,7 @@ namespace OpenSim.Client.Linden
                 string s = Util.Md5Hash(password + ":" + profile.PasswordSalt);
 
                 bool loginresult = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
-                            || profile.PasswordHash.Equals(password, StringComparison.InvariantCultureIgnoreCase));
+                            || profile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
                 return loginresult;
             }
         }
diff --git a/OpenSim/Client/MXP/PacketHandler/MXPPacketServer.cs b/OpenSim/Client/MXP/PacketHandler/MXPPacketServer.cs
index 7eab7c5..332ff70 100644
--- a/OpenSim/Client/MXP/PacketHandler/MXPPacketServer.cs
+++ b/OpenSim/Client/MXP/PacketHandler/MXPPacketServer.cs
@@ -540,8 +540,8 @@ namespace OpenSim.Client.MXP.PacketHandler
                 password = password.Remove(0, 3); //remove $1$
                 string s = Util.Md5Hash(password + ":" + userProfile.PasswordSalt);
                 return (userProfile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
-                                   || userProfile.PasswordHash.Equals(password, StringComparison.InvariantCultureIgnoreCase));
-            }
+                                   || userProfile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
+                }
             else
             {
                 return true;
diff --git a/OpenSim/Framework/Communications/Services/HGLoginAuthService.cs b/OpenSim/Framework/Communications/Services/HGLoginAuthService.cs
index 3ab9b38..d3f813e 100644
--- a/OpenSim/Framework/Communications/Services/HGLoginAuthService.cs
+++ b/OpenSim/Framework/Communications/Services/HGLoginAuthService.cs
@@ -234,7 +234,7 @@ namespace OpenSim.Framework.Communications.Services
                 string s = Util.Md5Hash(password + ":" + profile.PasswordSalt);
 
                 bool loginresult = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
-                            || profile.PasswordHash.Equals(password, StringComparison.InvariantCultureIgnoreCase));
+                            || profile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
                 return loginresult;
             }
         }
diff --git a/OpenSim/Framework/Communications/Services/LoginService.cs b/OpenSim/Framework/Communications/Services/LoginService.cs
index 7eb98d7..897c763 100644
--- a/OpenSim/Framework/Communications/Services/LoginService.cs
+++ b/OpenSim/Framework/Communications/Services/LoginService.cs
@@ -769,8 +769,8 @@ namespace OpenSim.Framework.Communications.Services
             //m_log.Info("[LOGIN]: userprofile:" + profile.passwordHash + " SubCT:" + password);
 
             passwordSuccess = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
-                               || profile.PasswordHash.Equals(password, StringComparison.InvariantCultureIgnoreCase));
-
+                               || profile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
+            
             return passwordSuccess;
         }
 
diff --git a/OpenSim/Services/AuthenticationService/AuthenticationService.cs b/OpenSim/Services/AuthenticationService/AuthenticationService.cs
index 6eaf0b0..06f0e8f 100644
--- a/OpenSim/Services/AuthenticationService/AuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/AuthenticationService.cs
@@ -126,7 +126,7 @@ namespace OpenSim.Services.AuthenticationService
             //m_log.Info("[LOGIN]: userprofile:" + profile.passwordHash + " SubCT:" + password);
 
             passwordSuccess = (profile.PasswordHash.Equals(s.ToString(), StringComparison.InvariantCultureIgnoreCase)
-                               || profile.PasswordHash.Equals(password, StringComparison.InvariantCultureIgnoreCase));
+                               || profile.PasswordHash.Equals(password, StringComparison.InvariantCulture));
 
             return passwordSuccess;
         }
-- 
cgit v1.1