From: Bill Erickson <berick@esilibrary.com>
Date: Tue, 8 Oct 2013 19:58:56 +0000 (-0400)
Subject: LP#1348731: have SIP gateway use a login nonce
X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=7917dc6585983ac62927642fc5c9d045fcd34c9d;p=evergreen%2Fpines.git

LP#1348731: have SIP gateway use a login nonce

Since multiple SIP clients may use the same credentials, avoid the
same-username race condition to authentication by applying a login nonce
value.

Signed-off-by: Bill Erickson <berick@esilibrary.com>
Signed-off-by: Galen Charlton <gmc@esilibrary.com>
Signed-off-by: Mike Rylander <mrylander@gmail.com>
---

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm b/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm
index 46c902a6e7..a98420029f 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/SIP.pm
@@ -223,9 +223,10 @@ sub login {
     my( $self, $username, $password ) = @_;
     syslog('LOG_DEBUG', "OILS: Logging in with username $username");
 
+    my $nonce = rand($$);
     my $seed = $U->simplereq( 
         'open-ils.auth',
-        'open-ils.auth.authenticate.init', $username );
+        'open-ils.auth.authenticate.init', $username, $nonce );
 
     my $response = $U->simplereq(
         'open-ils.auth', 
@@ -234,6 +235,7 @@ sub login {
             username => $username, 
             password => md5_hex($seed . md5_hex($password)), 
             type     => 'opac',
+            nonce    => $nonce
         }
     );