* Support salted and unsalted password hashes in SimianAuthenticationServiceConnector

0.7-release
John Hurliman 2010-06-15 17:46:36 -07:00
parent 38f098588c
commit 6c0a372346
1 changed files with 46 additions and 7 deletions

View File

@ -114,10 +114,9 @@ namespace OpenSim.Services.Connectors.SimianGrid
{
if (identity["Type"].AsString() == "md5hash")
{
string credential = identity["Credential"].AsString();
if (password == credential || "$1$" + password == credential || "$1$" + Utils.MD5String(password) == credential || Utils.MD5String(password) == credential)
return Authorize(principalID);
string authorizeResult;
if (CheckPassword(principalID, password, identity["Credential"].AsString(), out authorizeResult))
return authorizeResult;
md5hashFound = true;
break;
@ -125,9 +124,7 @@ namespace OpenSim.Services.Connectors.SimianGrid
}
}
if (md5hashFound)
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + " using md5hash $1$" + Utils.MD5String(password));
else
if (!md5hashFound)
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + principalID + ", no md5hash identity found");
}
else
@ -228,6 +225,48 @@ namespace OpenSim.Services.Connectors.SimianGrid
return false;
}
private bool CheckPassword(UUID userID, string password, string simianGridCredential, out string authorizeResult)
{
if (simianGridCredential.Contains(":"))
{
// Salted version
int idx = simianGridCredential.IndexOf(':');
string finalhash = simianGridCredential.Substring(0, idx);
string salt = simianGridCredential.Substring(idx + 1);
if (finalhash == Utils.MD5String(password + ":" + salt))
{
authorizeResult = Authorize(userID);
return true;
}
else
{
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
" using md5hash " + Utils.MD5String(password) + ":" + salt);
}
}
else
{
// Unsalted version
if (password == simianGridCredential ||
"$1$" + password == simianGridCredential ||
"$1$" + Utils.MD5String(password) == simianGridCredential ||
Utils.MD5String(password) == simianGridCredential)
{
authorizeResult = Authorize(userID);
return true;
}
else
{
m_log.Warn("[SIMIAN AUTH CONNECTOR]: Authentication failed for " + userID +
" using md5hash $1$" + Utils.MD5String(password));
}
}
authorizeResult = null;
return false;
}
private string Authorize(UUID userID)
{
NameValueCollection requestArgs = new NameValueCollection