From: Galen Charlton Date: Thu, 6 Oct 2011 18:57:38 +0000 (-0400) Subject: fix authentication failure X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=f11c95bb3368c2c303b3fe473b830d209b761b74;p=Evergreen.git fix authentication failure Ensure that the auth_limit values are read when open-ils.auth initializes, not during oilsAuthInit(). This solves a problem observed on brick-based setups where authentication could incorrectly fail because the drone that processes open-ils.auth.authenticate.complete didn't have the the block count value initialized yet. Also fixed type nit when compare the fail count to the block limit. Signed-off-by: Galen Charlton Signed-off-by: Bill Erickson --- diff --git a/Open-ILS/src/c-apps/oils_auth.c b/Open-ILS/src/c-apps/oils_auth.c index c507d19e5d..bd7d452586 100644 --- a/Open-ILS/src/c-apps/oils_auth.c +++ b/Open-ILS/src/c-apps/oils_auth.c @@ -78,23 +78,6 @@ int osrfAppInitialize() { "if found, otherwise returns the NO_SESSION event" "PARAMS( authToken )", 1, 0 ); - return 0; -} - -int osrfAppChildInit() { - return 0; -} - -int oilsAuthInit( osrfMethodContext* ctx ) { - OSRF_METHOD_VERIFY_CONTEXT(ctx); - - jsonObject* resp; - - char* username = NULL; - char* seed = NULL; - char* md5seed = NULL; - char* key = NULL; - char* countkey = NULL; if(!_oilsAuthSeedTimeout) { /* Load the default timeouts */ jsonObject* value_obj; @@ -131,6 +114,24 @@ int oilsAuthInit( osrfMethodContext* ctx ) { _oilsAuthSeedTimeout, _oilsAuthBlockTimeout, _oilsAuthBlockCount ); } + return 0; +} + +int osrfAppChildInit() { + return 0; +} + +int oilsAuthInit( osrfMethodContext* ctx ) { + OSRF_METHOD_VERIFY_CONTEXT(ctx); + + jsonObject* resp; + + char* username = NULL; + char* seed = NULL; + char* md5seed = NULL; + char* key = NULL; + char* countkey = NULL; + if( (username = jsonObjectToSimpleString(jsonObjectGetIndex(ctx->params, 0))) ) { if( strchr( username, ' ' ) ) { @@ -249,7 +250,7 @@ static int oilsAuthVerifyPassword( const osrfMethodContext* ctx, char* countkey = va_list_to_string( "%s%s%s", OILS_AUTH_CACHE_PRFX, uname, OILS_AUTH_COUNT_SFFX ); jsonObject* countobject = osrfCacheGetObject( countkey ); if(countobject) { - double failcount = jsonObjectGetNumber( countobject ); + long failcount = (long) jsonObjectGetNumber( countobject ); if(failcount >= _oilsAuthBlockCount) { ret = 0; osrfLogInternal(OSRF_LOG_MARK, "oilsAuth found too many recent failures: %d, forcing failure state.", failcount);