From 39a060940877b61b05d2d5aef37c8fd76bf30382 Mon Sep 17 00:00:00 2001
From: Ian Walls <ian.walls@bywatersolutions.com>
Date: Fri, 14 Oct 2011 16:37:54 -0400
Subject: [PATCH] Bug 5995 Followup: checkpw was returning inconsistent values

In the case of LDAP, checkpw was returning the cardnumber of there user, but it was being treated as the
userid.  This patch updates checkpw_ldap to return the cardnumber AND the userid, and updates checkpw to
uniformly return cardnumber and userid in all instances, so that whoever is authenticating can use the
desired value in the right way.
(cherry picked from commit dcb4ac77fbfd813cc0eb39e060b49a7b8d491016)

Signed-off-by: Chris Nighswonger <chris.nighswonger@gmail.com>
---
 C4/Auth.pm           | 10 +++++-----
 C4/Auth_with_ldap.pm |  4 ++--
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index 38ef28fad6..57d9880b6f 100644
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -750,7 +750,7 @@ sub checkauth {
 		    $info{'invalidCasLogin'} = 1 unless ($return);
         	} else {
 		    my $retuserid;
-		    ( $return, $retuserid ) = checkpw( $dbh, $userid, $password, $query );
+		    ( $return, $cardnumber, $retuserid ) = checkpw( $dbh, $userid, $password, $query );
 		    $userid = $retuserid if ($retuserid ne '');
 		}
 		if ($return) {
@@ -1425,8 +1425,8 @@ sub checkpw {
     my ( $dbh, $userid, $password, $query ) = @_;
     if ($ldap) {
         $debug and print "## checkpw - checking LDAP\n";
-        my ($retval,$retcard) = checkpw_ldap(@_);    # EXTERNAL AUTH
-        ($retval) and return ($retval,$retcard);
+        my ($retval,$retcard,$retuserid) = checkpw_ldap(@_);    # EXTERNAL AUTH
+        ($retval) and return ($retval,$retcard,$retuserid);
     }
 
     if ($cas && $query && $query->param('ticket')) {
@@ -1452,7 +1452,7 @@ sub checkpw {
 
             C4::Context->set_userenv( "$borrowernumber", $userid, $cardnumber,
                 $firstname, $surname, $branchcode, $flags );
-            return 1, $userid;
+            return 1, $cardnumber, $userid;
         }
     }
     $sth =
@@ -1468,7 +1468,7 @@ sub checkpw {
 
             C4::Context->set_userenv( $borrowernumber, $userid, $cardnumber,
                 $firstname, $surname, $branchcode, $flags );
-            return 1, $userid;
+            return 1, $cardnumber, $userid;
         }
     }
     if (   $userid && $userid eq C4::Context->config('user')
diff --git a/C4/Auth_with_ldap.pm b/C4/Auth_with_ldap.pm
index 462ff07bd2..09b88ab32a 100644
--- a/C4/Auth_with_ldap.pm
+++ b/C4/Auth_with_ldap.pm
@@ -161,7 +161,7 @@ sub checkpw_ldap {
             ($cardnumber eq $c2) or warn "update_local returned cardnumber '$c2' instead of '$cardnumber'";
         } else { # C1, D1
             # maybe update just the password?
-		return(1, $cardnumber); # FIXME dpavlin -- don't destroy ExtendedPatronAttributes
+		return(1, $cardnumber, $local_userid);
         }
     } elsif ($config{replicate}) { # A2, C2
         $borrowernumber = AddMember(%borrower) or die "AddMember failed";
@@ -188,7 +188,7 @@ sub checkpw_ldap {
 		}
            C4::Members::Attributes::SetBorrowerAttributes($borrowernumber, $extended_patron_attributes);
   	}
-return(1, $cardnumber);
+return(1, $cardnumber, $userid);
 }
 
 # Pass LDAP entry object and local cardnumber (userid).
-- 
2.39.5