fix authentication failure

Ensure that the auth_limit values are read when open-ils.auth
initializes, not during oilsAuthInit().  This solves a problem
observed on brick-based setups where authentication could
incorrectly fail because the drone that processes
open-ils.auth.authenticate.complete didn't have the the block
count value initialized yet.

Also fixed type nit when compare the fail count to the block
limit.

Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Bill Erickson <berick@esilibrary.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>

diff --git a/Open-ILS/src/c-apps/oils_auth.c b/Open-ILS/src/c-apps/oils_auth.c
index c507d19..bd7d452 100644 (file)
--- a/Open-ILS/src/c-apps/oils_auth.c
+++ b/Open-ILS/src/c-apps/oils_auth.c
@@ -78,23 +78,6 @@ int osrfAppInitialize() {
                "if found, otherwise returns the NO_SESSION event"
                "PARAMS( authToken )", 1, 0 );
 
-       return 0;
-}
-
-int osrfAppChildInit() {
-       return 0;
-}
-
-int oilsAuthInit( osrfMethodContext* ctx ) {
-       OSRF_METHOD_VERIFY_CONTEXT(ctx); 
-
-       jsonObject* resp;
-
-       char* username = NULL;
-       char* seed              = NULL;
-       char* md5seed   = NULL;
-       char* key               = NULL;
-       char* countkey  = NULL;
        if(!_oilsAuthSeedTimeout) { /* Load the default timeouts */
 
                jsonObject* value_obj;
@@ -131,6 +114,24 @@ int oilsAuthInit( osrfMethodContext* ctx ) {
                        _oilsAuthSeedTimeout, _oilsAuthBlockTimeout, _oilsAuthBlockCount );
        }
 
+       return 0;
+}
+
+int osrfAppChildInit() {
+       return 0;
+}
+
+int oilsAuthInit( osrfMethodContext* ctx ) {
+       OSRF_METHOD_VERIFY_CONTEXT(ctx); 
+
+       jsonObject* resp;
+
+       char* username = NULL;
+       char* seed              = NULL;
+       char* md5seed   = NULL;
+       char* key               = NULL;
+       char* countkey  = NULL;
+
        if( (username = jsonObjectToSimpleString(jsonObjectGetIndex(ctx->params, 0))) ) {
 
                if( strchr( username, ' ' ) ) {
@@ -249,7 +250,7 @@ static int oilsAuthVerifyPassword( const osrfMethodContext* ctx,
        char* countkey = va_list_to_string( "%s%s%s", OILS_AUTH_CACHE_PRFX, uname, OILS_AUTH_COUNT_SFFX );
        jsonObject* countobject = osrfCacheGetObject( countkey );
        if(countobject) {
-               double failcount = jsonObjectGetNumber( countobject );
+               long failcount = (long) jsonObjectGetNumber( countobject );
                if(failcount >= _oilsAuthBlockCount) {
                        ret = 0;
                    osrfLogInternal(OSRF_LOG_MARK, "oilsAuth found too many recent failures: %d, forcing failure state.", failcount);