OpenID auth needs hashing before authenticating

2012-03-02 15:05:06 -05:00 · 2012-03-02 15:05:06 -05:00 · d242d47e5c
parent 6fc350725d
commit d242d47e5c
2 changed files with 2 additions and 2 deletions
--- a/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
+++ b/OpenSim/Server/Handlers/Authentication/OpenIdServerHandler.cs
@ -248,7 +248,7 @@ For more information, see <a href='http://openid.net/'>http://openid.net/</a>.
                            if (passwordValues != null && passwordValues.Length == 1)
                            {
                                if (account != null && 
-                                    (m_authenticationService.Authenticate(account.PrincipalID, passwordValues[0], 30) != string.Empty))
+                                    (m_authenticationService.Authenticate(account.PrincipalID,Util.Md5Hash(passwordValues[0]), 30) != string.Empty))
                                    authRequest.IsAuthenticated = true;
                                else
                                    authRequest.IsAuthenticated = false;
--- a/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
+++ b/OpenSim/Services/AuthenticationService/PasswordAuthenticationService.cs
@ -80,7 +80,7 @@ namespace OpenSim.Services.AuthenticationService
            {
                string hashed = Util.Md5Hash(password + ":" + data.Data["passwordSalt"].ToString());

-                //m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());
+                m_log.DebugFormat("[PASS AUTH]: got {0}; hashed = {1}; stored = {2}", password, hashed, data.Data["passwordHash"].ToString());

                if (data.Data["passwordHash"].ToString() == hashed)
                {