OpenSim
/
OpenSimMirror
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

* Support salted and unsalted password hashes in SimianAuthenticationServiceConnector

0.7-release
John Hurliman 2010-06-15 17:46:36 -07:00
parent cf5427e810
commit 212a538557
1 changed files with 46 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
OpenSim/Services/Connectors/SimianGrid/SimianAuthenticationServiceConnector.cs
View File

@ -114,10 +114,9 @@ namespace OpenSim.Services.Connectors.SimianGrid
{ {
if (identity["Type"].AsString() == "md5hash") if (identity["Type"].AsString() == "md5hash")
{ {
string credential = identity["Credential"].AsString(); string authorizeResult;
if (CheckPassword(principalID, password, identity["Credential"].AsString(), out authorizeResult))
if (password == credential || "$1$" + password == credential || "$1$" + Utils.MD5String(password) == credential || Utils.MD5String(password) == credential) return authorizeResult;
return Authorize(principalID);
md5hashFound = true; md5hashFound = true;
break; break;
@ -125,9 +124,7 @@ namespace OpenSim.Services.Connectors.SimianGrid
} }
} }
if (md5hashFound) if (!md5hashFound)
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + " using md5hash $1$" + Utils.MD5String(password));
else
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found"); m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found");
} }
else else
@ -228,6 +225,48 @@ namespace OpenSim.Services.Connectors.SimianGrid
return false; return false;
} }
private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
{
if (simianGridCredential.Contains(":"))
{
// Salted version
int idx = simianGridCredential.IndexOf(':');
string finalhash = simianGridCredential.Substring(0, idx);
string salt = simianGridCredential.Substring(idx + 1);
if (finalhash == Utils.MD5String(password + ":" + salt))
{
authorizeResult = Authorize(userID);
return true;
}
else
{
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
" using md5hash " + Utils.MD5String(password) + ":" + salt);
}
}
else
{
// Unsalted version
if (password == simianGridCredential ||
"$1$" + password == simianGridCredential ||
"$1$" + Utils.MD5String(password) == simianGridCredential ||
Utils.MD5String(password) == simianGridCredential)
{
authorizeResult = Authorize(userID);
return true;
}
else
{
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
" using md5hash $1$" + Utils.MD5String(password));
}
}
authorizeResult = null;
return false;
}
private string Authorize(UUID userID) private string Authorize(UUID userID)
{ {
NameValueCollection requestArgs = new NameValueCollection NameValueCollection requestArgs = new NameValueCollection