1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
using System;
using System.Collections.Generic;
using System.Text;
using OpenGrid.Framework.Data;
namespace OpenGrid.Framework.Data.MySQL
{
public class MySQLGridData : IGridData
{
private MySQLManager database;
/// <summary>
/// Initialises the Grid Interface
/// </summary>
public void Initialise()
{
database = new MySQLManager("localhost", "db", "user", "password", "false");
}
/// <summary>
/// Shuts down the grid interface
/// </summary>
public void Close()
{
database.Close();
}
/// <summary>
/// Returns a sim profile from it's location
/// </summary>
/// <param name="handle">Region location handle</param>
/// <returns>Sim profile</returns>
public SimProfileData GetProfileByHandle(ulong handle)
{
Dictionary<string,string> param = new Dictionary<string,string>();
param["handle"] = handle.ToString();
System.Data.IDbCommand result = database.Query("SELECT * FROM regions WHERE handle = @handle", param);
System.Data.IDataReader reader = result.ExecuteReader();
SimProfileData row = database.getRow( reader );
reader.Close();
result.Dispose();
return row;
}
/// <summary>
/// Returns a sim profile from it's UUID
/// </summary>
/// <param name="uuid">The region UUID</param>
/// <returns>The sim profile</returns>
public SimProfileData GetProfileByLLUUID(libsecondlife.LLUUID uuid)
{
Dictionary<string, string> param = new Dictionary<string, string>();
param["uuid"] = uuid.ToStringHyphenated();
System.Data.IDbCommand result = database.Query("SELECT * FROM regions WHERE uuid = @uuid", param);
System.Data.IDataReader reader = result.ExecuteReader();
SimProfileData row = database.getRow(reader);
reader.Close();
result.Dispose();
return row;
}
/// <summary>
/// DEPRECIATED. Attempts to authenticate a region by comparing a shared secret.
/// </summary>
/// <param name="uuid">The UUID of the challenger</param>
/// <param name="handle">The attempted regionHandle of the challenger</param>
/// <param name="authkey">The secret</param>
/// <returns>Whether the secret and regionhandle match the database entry for UUID</returns>
public bool AuthenticateSim(libsecondlife.LLUUID uuid, ulong handle, string authkey)
{
bool throwHissyFit = false; // Should be true by 1.0
if (throwHissyFit)
throw new Exception("CRYPTOWEAK AUTHENTICATE: Refusing to authenticate due to replay potential.");
SimProfileData data = GetProfileByLLUUID(uuid);
return (handle == data.regionHandle && authkey == data.regionSecret);
}
/// <summary>
/// NOT YET FUNCTIONAL. Provides a cryptographic authentication of a region
/// </summary>
/// <remarks>This requires a security audit.</remarks>
/// <param name="uuid"></param>
/// <param name="handle"></param>
/// <param name="authhash"></param>
/// <param name="challenge"></param>
/// <returns></returns>
public bool AuthenticateSim(libsecondlife.LLUUID uuid, ulong handle, string authhash, string challenge)
{
System.Security.Cryptography.SHA512Managed HashProvider = new System.Security.Cryptography.SHA512Managed();
System.Text.ASCIIEncoding TextProvider = new ASCIIEncoding();
byte[] stream = TextProvider.GetBytes(uuid.ToStringHyphenated() + ":" + handle.ToString() + ":" + challenge);
byte[] hash = HashProvider.ComputeHash(stream);
return false;
}
}
}
|