From 7870152d23db4cb6f5834d4921fac17feb717220 Mon Sep 17 00:00:00 2001 From: "Justin Clark-Casey (justincc)" Date: Thu, 24 Sep 2009 14:54:12 +0100 Subject: [PATCH] Allow load/save iar password checks to be done in grid mode This should allow load/save iar to work for grid mode as long as the grid user service is later than this revision Grid services of earlier revisions will always erroneously report incorrect password. This will be addressed shortly. --- .../Framework/Communications/IUserService.cs | 16 +++++- .../Tests/Cache/AssetCacheTests.cs | 5 ++ .../Communications/UserManagerBase.cs | 32 +++++++++-- .../Grid/UserServer.Modules/UserManager.cs | 56 ++++++++++++++++++- .../Communications/Local/LocalUserServices.cs | 19 ++++++- .../Communications/OGS1/OGS1UserServices.cs | 43 +++++++++++++- .../Archiver/InventoryArchiverModule.cs | 21 ++----- 7 files changed, 166 insertions(+), 26 deletions(-) diff --git a/OpenSim/Framework/Communications/IUserService.cs b/OpenSim/Framework/Communications/IUserService.cs index 725225d9e2..15c5a961bb 100644 --- a/OpenSim/Framework/Communications/IUserService.cs +++ b/OpenSim/Framework/Communications/IUserService.cs @@ -98,7 +98,7 @@ namespace OpenSim.Framework.Communications /// The agent that who's friends list is being updated /// The agent that is getting or loosing permissions /// A uint bit vector for set perms that the friend being added has; 0 = none, 1=This friend can see when they sign on, 2 = map, 4 edit objects - void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms); + void UpdateUserFriendPerms(UUID friendlistowner, UUID friend, uint perms); /// /// Logs off a user on the user server 
@@ -137,9 +137,21 @@ namespace OpenSim.Framework.Communications // But since Scenes only have IUserService references, I'm placing it here for now. bool VerifySession(UUID userID, UUID sessionID); + /// + /// Authenticate a user by their password. + /// + /// + /// This is used by callers outside the login process that want to + /// verify a user who has given their password. + /// + /// This should probably also be in IAuthentication but is here for the same reasons as VerifySession() is + /// + /// + /// + /// + bool AuthenticateUserByPassword(UUID userID, string password); // Temporary Hack until we move everything to the new service model void SetInventoryService(IInventoryService invService); - } } diff --git a/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs b/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs index ac0dc6d838..a7572821af 100644 --- a/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs +++ b/OpenSim/Framework/Communications/Tests/Cache/AssetCacheTests.cs @@ -149,6 +149,11 @@ namespace OpenSim.Framework.Communications.Tests { throw new NotImplementedException(); } + + public virtual bool AuthenticateUserByPassword(UUID userID, string password) + { + throw new NotImplementedException(); + } } } } diff --git a/OpenSim/Framework/Communications/UserManagerBase.cs b/OpenSim/Framework/Communications/UserManagerBase.cs index 58174a0dd6..1abd733a18 100644 --- a/OpenSim/Framework/Communications/UserManagerBase.cs +++ b/OpenSim/Framework/Communications/UserManagerBase.cs 
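Review bot: The doc comment added for `AuthenticateUserByPassword` in IUserService.cs does not tell callers what a `false` result means. In this patch an unknown user returns false in UserManagerBase, and a failed remote call returns false in OGS1UserServices, so false is not always "wrong password". I would state that in the contract, for example `/// <returns>true if the password matches; false if it does not match, the user is unknown, or the check could not be carried out</returns>`. A remarks line should also say that `password` is the plaintext password and that the grid implementation forwards it to the user server, so callers know not to log or retain it.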
@@ -44,7 +44,8 @@ namespace OpenSim.Framework.Communications /// /// Base class for user management (create, read, etc) /// - public abstract class UserManagerBase : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication + public abstract class UserManagerBase + : IUserService, IUserAdminService, IAvatarService, IMessagingService, IAuthentication { private static readonly ILog m_log = LogManager.GetLogger(MethodBase.GetCurrentMethod().DeclaringType); @@ -93,9 +94,9 @@ namespace OpenSim.Framework.Communications public void AddPlugin(string provider, string connect) { m_plugins.AddRange(DataPluginFactory.LoadDataPlugins(provider, connect)); - } + } - #region UserProfile + #region UserProfile public virtual void AddTemporaryUserProfile(UserProfileData userProfile) { @@ -891,7 +892,10 @@ namespace OpenSim.Framework.Communications if (userProfile != null && userProfile.CurrentAgent != null) { - m_log.DebugFormat("[USER AUTH]: Verifying session {0} for {1}; current session {2}", sessionID, userID, userProfile.CurrentAgent.SessionID); + m_log.DebugFormat( + "[USER AUTH]: Verifying session {0} for {1}; current session {2}", + sessionID, userID, userProfile.CurrentAgent.SessionID); + if (userProfile.CurrentAgent.SessionID == sessionID) { return true; @@ -901,6 +905,26 @@ namespace OpenSim.Framework.Communications return false; } + public virtual bool AuthenticateUserByPassword(UUID userID, string password) + { +// m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password); + + UserProfileData userProfile = GetUserProfile(userID); + + if (null == userProfile) + return false; + + string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt); + +// m_log.DebugFormat( +// "[USER AUTH]: Submitted hash {0}, stored hash {1}", md5PasswordHash, userProfile.PasswordHash); + + if (md5PasswordHash == userProfile.PasswordHash) + return true; + else + return false; + } + #endregion } } 
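Review bot: The commented-out `m_log.DebugFormat("[USER AUTH]: Authenticating user {0} given password {1}", userID, password)` at the top of the new `UserManagerBase.AuthenticateUserByPassword` would write plaintext passwords to the log as soon as someone uncomments it for debugging. Delete it, or keep only `"[USER AUTH]: Authenticating user {0}", userID`. The second commented block, which prints the submitted and stored hashes, deserves the same treatment. Separately, `password` goes straight into `Util.Md5Hash` with no null check, although the XML-RPC handler added in UserManager.cs guards against null before calling. `Util.Md5Hash` is not visible here, so I cannot confirm that it throws on null, but `if (null == password) return false;` next to the profile check would make the method safe for every caller.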
diff --git a/OpenSim/Grid/UserServer.Modules/UserManager.cs b/OpenSim/Grid/UserServer.Modules/UserManager.cs index 002f232a63..bc19ac840e 100644 --- a/OpenSim/Grid/UserServer.Modules/UserManager.cs +++ b/OpenSim/Grid/UserServer.Modules/UserManager.cs @@ -108,6 +108,9 @@ namespace OpenSim.Grid.UserServer.Modules m_httpServer.AddXmlRPCHandler("get_user_by_uuid", XmlRPCGetUserMethodUUID); m_httpServer.AddXmlRPCHandler("get_avatar_picker_avatar", XmlRPCGetAvatarPickerAvatar); + // Used by IAR module to do password checks + //m_httpServer.AddXmlRPCHandler("authenticate_user_by_password", XmlRPCAuthenticateUserMethodPassword); + m_httpServer.AddXmlRPCHandler("update_user_current_region", XmlRPCAtRegion); m_httpServer.AddXmlRPCHandler("logout_of_simulator", XmlRPCLogOffUserMethodUUID); m_httpServer.AddXmlRPCHandler("get_agent_by_uuid", XmlRPCGetAgentMethodUUID); 
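Review bot: The `authenticate_user_by_password` registration in this hunk is commented out, so the handler added later in this file is never reachable. The new `OGS1UserServices.AuthenticateUserByPassword` will therefore fail against a user server built from this revision, which contradicts the commit message's claim that grid mode works from this revision on. If it is disabled on purpose, replace the bare commented-out call with a comment saying why and what must be in place before it is enabled. One prerequisite worth naming is that the method answers password guesses for any client that can reach the user server's XML-RPC port, so access should be limited to trusted simulators first. Something like `// Not registered yet: enable only once callers are restricted to trusted region servers` would record that.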
@@ -203,6 +206,57 @@ namespace OpenSim.Grid.UserServer.Modules #region XMLRPC User Methods + /// + /// Authenticate a user using their password + /// + /// Must contain values for "user_uuid" and "password" keys + /// + /// + public XmlRpcResponse XmlRPCAuthenticateUserMethodPassword(XmlRpcRequest request, IPEndPoint remoteClient) + { +// m_log.DebugFormat("[USER MANAGER]: Received authenticated user by password request from {0}", remoteClient); + + Hashtable requestData = (Hashtable)request.Params[0]; + string userUuidRaw = (string)requestData["user_uuid"]; + string password = (string)requestData["password"]; + + if (null == userUuidRaw) + return Util.CreateUnknownUserErrorResponse(); + + UUID userUuid; + if (!UUID.TryParse(userUuidRaw, out userUuid)) + return Util.CreateUnknownUserErrorResponse(); + + UserProfileData userProfile = m_userDataBaseService.GetUserProfile(userUuid); + if (null == userProfile) + return Util.CreateUnknownUserErrorResponse(); + + string authed; + + if (null == password) + { + authed = "FALSE"; + } + else + { + if (m_userDataBaseService.AuthenticateUserByPassword(userUuid, password)) + authed = "TRUE"; + else + authed = "FALSE"; + } + +// m_log.DebugFormat( +// "[USER MANAGER]: Authentication by password result from {0} for {1} is {2}", +// remoteClient, userUuid, authed); + + XmlRpcResponse response = new XmlRpcResponse(); + Hashtable responseData = new Hashtable(); + responseData["auth_user"] = authed; + response.Value = responseData; + + return response; + } + public XmlRpcResponse XmlRPCGetAvatarPickerAvatar(XmlRpcRequest request, IPEndPoint remoteClient) { // XmlRpcResponse response = new XmlRpcResponse(); @@ -246,10 +300,10 @@ namespace OpenSim.Grid.UserServer.Modules m_userDataBaseService.CommitAgent(ref userProfile); //setUserProfile(userProfile); - returnstring = "TRUE"; } } + responseData.Add("returnString", returnstring); response.Value = responseData; return response; 
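Review bot: `XmlRPCAuthenticateUserMethodPassword` returns an unknown-user error for a missing or unparsable UUID or a missing profile, but `auth_user = "FALSE"` for a wrong password, so a caller can tell which accounts exist before guessing passwords. It also casts `request.Params[0]` and both hashtable values without checking them, so a malformed request throws instead of being refused. Failed attempts are not logged, which leaves repeated guessing invisible to operators. I would treat every failure the same way and log it with the remote endpoint, as sketched below. The OGS1 client in this patch treats anything other than "TRUE" as a failure, so the response shape stays compatible.

```csharp
public XmlRpcResponse XmlRPCAuthenticateUserMethodPassword(XmlRpcRequest request, IPEndPoint remoteClient)
{
    bool authed = false;

    // Refuse malformed requests instead of letting a bad cast throw.
    if (request.Params.Count > 0 && request.Params[0] is Hashtable)
    {
        Hashtable requestData = (Hashtable)request.Params[0];
        string userUuidRaw = requestData["user_uuid"] as string;
        string password = requestData["password"] as string;

        UUID userUuid;
        if (userUuidRaw != null && password != null && UUID.TryParse(userUuidRaw, out userUuid))
            authed = m_userDataBaseService.AuthenticateUserByPassword(userUuid, password);
    }

    // Same answer for unknown user and wrong password; never log the password itself.
    if (!authed)
        m_log.WarnFormat(
            "[USER MANAGER]: Failed authenticate_user_by_password request from {0}", remoteClient);

    XmlRpcResponse response = new XmlRpcResponse();
    Hashtable responseData = new Hashtable();
    responseData["auth_user"] = authed ? "TRUE" : "FALSE";
    // … unchanged: assign response.Value and return response …
}
```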
diff --git a/OpenSim/Region/Communications/Local/LocalUserServices.cs b/OpenSim/Region/Communications/Local/LocalUserServices.cs index af4fb37692..d18937e327 100644 --- a/OpenSim/Region/Communications/Local/LocalUserServices.cs +++ b/OpenSim/Region/Communications/Local/LocalUserServices.cs @@ -80,6 +80,21 @@ namespace OpenSim.Region.Communications.Local throw new Exception("[LOCAL USER SERVICES]: Unknown master user UUID. Possible reason: UserServer is not running."); } return data; - } + } + + public override bool AuthenticateUserByPassword(UUID userID, string password) + { + UserProfileData userProfile = GetUserProfile(userID); + + if (null == userProfile) + return false; + + string md5PasswordHash = Util.Md5Hash(Util.Md5Hash(password) + ":" + userProfile.PasswordSalt); + + if (md5PasswordHash == userProfile.PasswordHash) + return true; + else + return false; + } } -} +} \ No newline at end of file diff --git a/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs b/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs index dff8305a59..89b3e428e5 100644 --- a/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs +++ b/OpenSim/Region/Communications/OGS1/OGS1UserServices.cs 
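Review bot: The `AuthenticateUserByPassword` override added to LocalUserServices repeats the body of the virtual method this patch adds to UserManagerBase line for line. The salted-hash check now lives in two places that can drift apart when the password scheme changes. The `override` keyword suggests this class derives from UserManagerBase, though the class declaration is outside the hunk. If so, the override can simply be deleted and the base implementation inherited. If it is kept deliberately, a one-line comment such as `// Same check as the base class; kept separate because <reason>` would stop a later reader from fixing only one copy.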
@@ -140,6 +140,47 @@ namespace OpenSim.Region.Communications.OGS1 { m_log.DebugFormat("[OGS1 USER SERVICES]: Verifying user session for " + userID); return AuthClient.VerifySession(GetUserServerURL(userID), userID, sessionID); - } + } + + public override bool AuthenticateUserByPassword(UUID userID, string password) + { + try + { + Hashtable param = new Hashtable(); + param["user_uuid"] = userID.ToString(); + param["password"] = password; + IList parameters = new ArrayList(); + parameters.Add(param); + XmlRpcRequest req = new XmlRpcRequest("authenticate_user_by_password", parameters); + XmlRpcResponse resp = req.Send(m_commsManager.NetworkServersInfo.UserURL, 30000); + Hashtable respData = (Hashtable)resp.Value; + +// foreach (object key in respData.Keys) +// { +// Console.WriteLine("respData {0}, {1}", key, respData[key]); +// } + +// m_log.DebugFormat( +// "[OGS1 USER SERVICES]: AuthenticatedUserByPassword response for {0} is [{1}]", +// userID, respData["auth_user"]); + + if ((string)respData["auth_user"] == "TRUE") + { + return true; + } + else + { + return false; + } + } + catch (Exception e) + { + m_log.ErrorFormat( + "[OGS1 USER SERVICES]: Error when trying to authenticate user by password from remote user server: {0}", + e); + + return false; + } + } } } \ No newline at end of file diff --git a/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs b/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs index 196205c3b0..b82b94094f 100644 --- a/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs +++ b/OpenSim/Region/CoreModules/Avatar/Inventory/Archiver/InventoryArchiverModule.cs 
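Review bot: The new `OGS1UserServices.AuthenticateUserByPassword` puts the user's plaintext password into the XML-RPC request sent to `NetworkServersInfo.UserURL`. Nothing in the hunk shows whether that URL is required to be TLS, so on a plain-HTTP grid the password crosses the network in the clear. At minimum, add a comment above the `param["password"] = password;` line, for example `// Plaintext password leaves the simulator here; UserURL must be an https endpoint on untrusted networks`. The method also reads `resp.Value` without checking `resp.IsFault`, so a fault from an older user server that lacks this method is reported as a failed authentication, just like a wrong password. Checking `IsFault` and logging it separately would let operators tell "server too old" from "bad password".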
@@ -322,7 +322,7 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver /// User password /// protected CachedUserInfo GetUserInfo(string firstName, string lastName, string pass) - { + { CachedUserInfo userInfo = m_aScene.CommsManager.UserProfileCacheService.GetUserDetails(firstName, lastName); //m_aScene.CommsManager.UserService.GetUserProfile(firstName, lastName); if (null == userInfo) @@ -333,29 +333,18 @@ namespace OpenSim.Region.CoreModules.Avatar.Inventory.Archiver return null; } - string md5PasswdHash = Util.Md5Hash(Util.Md5Hash(pass) + ":" + userInfo.UserProfile.PasswordSalt); - - if (userInfo.UserProfile.PasswordHash == null || userInfo.UserProfile.PasswordHash == String.Empty) + if (m_aScene.CommsManager.UserService.AuthenticateUserByPassword(userInfo.UserProfile.ID, pass)) { - m_log.ErrorFormat( - "[INVENTORY ARCHIVER]: Sorry, the grid mode service is not providing password hash details for the check. This will be fixed in an OpenSim git revision soon"); - - return null; + return userInfo; } - -// m_log.DebugFormat( -// "[INVENTORY ARCHIVER]: received salt {0}, hash {1}, supplied hash {2}", -// userInfo.UserProfile.PasswordSalt, userInfo.UserProfile.PasswordHash, md5PasswdHash); - - if (userInfo.UserProfile.PasswordHash != md5PasswdHash) + else { m_log.ErrorFormat( "[INVENTORY ARCHIVER]: Password for user {0} {1} incorrect. Please try again.", firstName, lastName); + return null; } - - return userInfo; } ///
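Review bot: In the second InventoryArchiverModule hunk, `GetUserInfo` logs "Password for user {0} {1} incorrect. Please try again." whenever `AuthenticateUserByPassword` returns false. In grid mode that result also covers a transport error and a user server that predates this revision, as both the OGS1 implementation and the commit message indicate, so the log will send operators after a password problem that does not exist. Wording such as `"[INVENTORY ARCHIVER]: Could not authenticate user {0} {1}: wrong password, or the user service could not verify it."` matches what the code can actually know. The method's signature and the user lookup are in the preceding hunk.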