/*
-** Copyright 2000-2008 Double Precision, Inc. See COPYING for
+** Copyright 2000-2010 Double Precision, Inc. See COPYING for
** distribution information.
*/
#define err courier_auth_err
-/* siefca@pld.org.pl */
-#define MAX_SUBSTITUTION_LEN 32
-#define SV_BEGIN_MARK "$("
-#define SV_END_MARK ")"
-#define SV_BEGIN_LEN ((sizeof(SV_BEGIN_MARK))-1)
-#define SV_END_LEN ((sizeof(SV_END_MARK))-1)
-
-static const char rcsid[]="$Id: authmysqllib.c,v 1.49 2008/06/08 16:40:36 mrsam Exp $";
-
-/* siefca@pld.org.pl */
-struct var_data {
- const char *name;
- const char *value;
- const size_t size;
- size_t value_length;
- } ;
-
-/* siefca@pld.org.pl */
-typedef int (*parsefunc)(const char *, size_t, void *);
-
static const char *read_env(const char *env)
{
-static char *mysqlauth=0;
-static size_t mysqlauth_size=0;
-size_t i;
-char *p=0;
-int l=strlen(env);
+ return authgetconfig(AUTHMYSQLRC, env);
+}
- if (!mysqlauth)
- {
- FILE *f=fopen(AUTHMYSQLRC, "r");
- struct stat buf;
+static MYSQL mysql_buf;
- if (!f) return (0);
- if (fstat(fileno(f), &buf) ||
- (mysqlauth=malloc(buf.st_size+2)) == 0)
- {
- fclose(f);
- return (0);
- }
- if (fread(mysqlauth, buf.st_size, 1, f) != 1)
- {
- free(mysqlauth);
- mysqlauth=0;
- fclose(f);
- return (0);
- }
- mysqlauth[mysqlauth_size=buf.st_size]=0;
-
- for (i=0; i<mysqlauth_size; i++)
- if (mysqlauth[i] == '\n')
- { /* siefca@pld.org.pl */
- if (!i || mysqlauth[i-1] != '\\')
- {
- mysqlauth[i]='\0';
- }
- else
- {
- mysqlauth[i]=mysqlauth[i-1]= ' ';
- }
- }
- fclose(f);
- }
+static MYSQL *mysql=0;
- for (i=0; i<mysqlauth_size; )
- {
- p=mysqlauth+i;
- if (memcmp(p, env, l) == 0 &&
- isspace((int)(unsigned char)p[l]))
- {
- p += l;
- while (*p && *p != '\n' &&
- isspace((int)(unsigned char)*p))
- ++p;
- break;
- }
+static char *escape_str(const char *c, size_t n)
+{
+ char *buf=malloc(n*2+1);
- while (i < mysqlauth_size)
- if (mysqlauth[i++] == 0) break;
+ if (!buf)
+ {
+ perror("malloc");
+ return NULL;
}
- if (i < mysqlauth_size)
- return (p);
- return (0);
+ mysql_real_escape_string(mysql, buf, c, n);
+ return buf;
}
-static MYSQL mysql_buf;
-
-static MYSQL *mysql=0;
-
static void set_session_options(void)
/*
* session variables can be set once for the whole session
memset(&ui, 0, sizeof(ui));
}
-/* siefca@pld.org.pl */
-static struct var_data *get_variable (const char *begin, size_t len,
- struct var_data *vdt)
-{
-struct var_data *vdp;
-
- if (!begin || !vdt) /* should never happend */
- {
- err("authmysql: critical error while "
- "parsing substitution variable");
- return NULL;
- }
- if (len < 1)
- {
- err("authmysql: unknown empty substitution "
- "variable - aborting");
- return NULL;
- }
- if (len > MAX_SUBSTITUTION_LEN)
- {
- err("authmysql: variable name too long "
- "while parsing substitution. "
- "name begins with "
- SV_BEGIN_MARK
- "%.*s...", MAX_SUBSTITUTION_LEN, begin);
- return NULL;
- }
-
- for (vdp=vdt; vdp->name; vdp++)
- if (vdp->size == len+1 &&
- !strncmp(begin, vdp->name, len))
- {
- if (!vdp->value)
- vdp->value = "";
- if (!vdp->value_length) /* length cache */
- vdp->value_length = strlen (vdp->value);
- return vdp;
- }
-
- err("authmysql: unknown substitution variable "
- SV_BEGIN_MARK
- "%.*s"
- SV_END_MARK
- , (int)len, begin);
-
- return NULL;
-}
-
-/* siefca@pld.org.pl */
-static int ParsePlugin_counter (const char *p, size_t length, void *vp)
-{
- if (!p || !vp || length < 0)
- {
- err("authmysql: bad arguments while counting "
- "query string");
- return -1;
- }
-
- *((size_t *)vp) += length;
-
- return 0;
-}
-
-/* siefca@pld.org.pl */
-static int ParsePlugin_builder (const char *p, size_t length, void *vp)
-{
-char **strptr = (char **) vp;
-
- if (!p || !vp || length < 0)
- {
- err("authmysql: bad arguments while building "
- "query string");
- return -1;
- }
-
- if (!length) return 0;
- memcpy ((void *) *strptr, (void *) p, length);
- *strptr += length;
-
- return 0;
-}
-
-/* siefca@pld.org.pl */
-static int parse_core (const char *source, struct var_data *vdt,
- parsefunc outfn, void *result)
-{
-size_t v_size = 0,
- t_size = 0;
-const char *p, *q, *e,
- *v_begin, *v_end,
- *t_begin, *t_end;
-struct var_data *v_ptr;
-
- if (!source)
- source = "";
- if (!result)
- {
- err("authmysql: no memory allocated for result "
- "while parser core was invoked");
- return -1;
- }
- if (!vdt)
- {
- err("authmysql: no substitution table found "
- "while parser core was invoked");
- return -1;
- }
-
- q = source;
- while ( (p=strstr(q, SV_BEGIN_MARK)) )
- {
- e = strstr (p, SV_END_MARK);
- if (!e)
- {
- err("authmysql: syntax error in "
- "substitution "
- "- no closing symbol found! "
- "bad variable begins with:"
- "%.*s...", MAX_SUBSTITUTION_LEN, p);
- return -1;
- }
-
- /*
- **
- ** __________sometext$(variable_name)_________
- ** | | | |
- ** t_begin' t_end' `v_begin `v_end
- **
- */
-
- v_begin = p+SV_BEGIN_LEN; /* variable field ptr */
- v_end = e-SV_END_LEN; /* variable field last character */
- v_size = v_end-v_begin+1;/* variable field length */
-
- t_begin = q; /* text field ptr */
- t_end = p-1; /* text field last character */
- t_size = t_end-t_begin+1;/* text field length */
-
- /* work on text */
- if ( (outfn (t_begin, t_size, result)) == -1 )
- return -1;
-
- /* work on variable */
- v_ptr = get_variable (v_begin, v_size, vdt);
- if (!v_ptr) return -1;
-
- if ( (outfn (v_ptr->value, v_ptr->value_length, result)) == -1 )
- return -1;
-
- q = e + 1;
- }
-
- /* work on last part of text if any */
- if (*q != '\0')
- if ( (outfn (q, strlen(q), result)) == -1 )
- return -1;
-
- return 0;
-}
-
-/* siefca@pld.org.pl */
-static char *parse_string (const char *source, struct var_data *vdt)
-{
-struct var_data *vdp = NULL;
-char *output_buf = NULL,
- *pass_buf = NULL;
-size_t buf_size = 2;
-
- if (source == NULL || *source == '\0' ||
- vdt == NULL || vdt[0].name == NULL)
- {
- err("authmysql: source clause is empty "
- "- this is critical error");
- return NULL;
- }
-
- /* zero var_data length cache - important! */
- for (vdp=vdt; vdp->name; vdp++)
- vdp->value_length = 0;
-
-
- /* phase 1 - count and validate string */
- if ( (parse_core (source, vdt, &ParsePlugin_counter, &buf_size)) != 0)
- return NULL;
-
- /* phase 2 - allocate memory */
- output_buf = malloc (buf_size);
- if (!output_buf)
- {
- perror ("malloc");
- return NULL;
- }
- pass_buf = output_buf;
-
- /* phase 3 - build the output string */
- if ( (parse_core (source, vdt, &ParsePlugin_builder, &pass_buf)) != 0)
- {
- free (output_buf);
- return NULL;
- }
- *pass_buf = '\0';
-
- return output_buf;
-}
-
-static char *local_part_escaped(const char *username)
-{
- const char *p=strchr(username, '@');
- size_t n=p ? p-username:strlen(username);
- char *buf=malloc(n*2+1);
-
- if (!buf)
- {
- perror("malloc");
- return NULL;
- }
-
- mysql_real_escape_string(mysql, buf, username, n);
- return buf;
-}
-
-static char *domain_part_escaped(const char *username,
- const char *defdomain)
-{
- const char *p=strchr(username, '@');
- size_t n;
- char *buf;
-
- if (p)
- ++p;
- else
- p=defdomain;
-
- n=strlen(p);
-
- buf=malloc(n*2+1);
-
- if (!buf)
- {
- perror("malloc");
- return NULL;
- }
-
- mysql_real_escape_string(mysql, buf, p, n);
- return buf;
-}
-
-static int local_and_domain_part_escaped(const char *username,
- const char *defdomain,
- char **local_ret,
- char **domain_ret)
-{
- if ((*local_ret=local_part_escaped(username)) == NULL)
- return 0;
-
- if ((*domain_ret=domain_part_escaped(username, defdomain)) == NULL)
- {
- free(*local_ret);
- return 0;
- }
-
- return 1;
-}
-
-/* siefca@pld.org.pl */
-static char *parse_select_clause (const char *clause, const char *username,
- const char *defdomain,
- const char *service)
-{
- char *str;
-
- static struct var_data vd[]={
- {"local_part", NULL, sizeof("local_part"), 0},
- {"domain", NULL, sizeof("domain"), 0},
- {"service", NULL, sizeof("service"), 0},
- {NULL, NULL, 0, 0}};
-
- char *l_part;
- char *d_part;
-
- if (clause == NULL || *clause == '\0' ||
- !username || *username == '\0')
- return NULL;
-
- if (!local_and_domain_part_escaped(username, defdomain,
- &l_part, &d_part))
- return NULL;
-
- vd[0].value=l_part;
- vd[1].value=d_part;
- vd[2].value = service;
-
- str=parse_string (clause, vd);
- free(l_part);
- free(d_part);
- return str;
-}
-
-/* siefca@pld.org.pl */
-static char *parse_chpass_clause (const char *clause, const char *username,
- const char *defdomain, const char *newpass,
- const char *newpass_crypt)
-{
- char *str;
-
- static struct var_data vd[]={
- {"local_part", NULL, sizeof("local_part"), 0},
- {"domain", NULL, sizeof("domain"), 0},
- {"newpass", NULL, sizeof("newpass"), 0},
- {"newpass_crypt", NULL, sizeof("newpass_crypt"), 0},
- {NULL, NULL, 0, 0}};
- char *l_part;
- char *d_part;
-
- if (clause == NULL || *clause == '\0' ||
- !username || *username == '\0' ||
- !newpass || *newpass == '\0' ||
- !newpass_crypt || *newpass_crypt == '\0') return NULL;
-
- if (!local_and_domain_part_escaped(username, defdomain,
- &l_part, &d_part))
- return NULL;
-
- vd[0].value=l_part;
- vd[1].value=d_part;
- vd[2].value = newpass;
- vd[3].value = newpass_crypt;
-
- if (!vd[0].value || !vd[1].value ||
- !vd[2].value || !vd[3].value)
- {
- free(l_part);
- free(d_part);
- return NULL;
- }
-
- str=parse_string (clause, vd);
- free(l_part);
- free(d_part);
- return str;
-}
-
struct authmysqluserinfo *auth_mysql_getuserinfo(const char *username,
const char *service)
{
else
{
/* siefca@pld.org.pl */
- querybuf=parse_select_clause (select_clause, username,
- defdomain, service);
+ querybuf=auth_parse_select_clause (escape_str,
+ select_clause, username,
+ defdomain, service);
if (!querybuf)
{
DPRINTF("parse_select_clause failed (DEFAULT_DOMAIN not set?)");
if (!clear_field)
clear_field="";
+ if (!defdomain)
+ defdomain="";
#define DEFAULT_SETPASS_UPDATE \
"UPDATE %s SET %s%s%s%s %s %s%s%s%s WHERE %s='%s%s%s' %s%s%s", \
}
else
{
- sql_buf=parse_chpass_clause(chpass_clause,
- user,
- defdomain,
- clear_escaped,
- crypt_escaped);
+ sql_buf=auth_parse_chpass_clause(escape_str,
+ chpass_clause,
+ user,
+ defdomain,
+ clear_escaped,
+ crypt_escaped);
}
free(clear_escaped);
MYSQL_ROW row;
MYSQL_RES *result;
- if (do_connect()) return;
+ if (do_connect())
+ {
+ (*cb_func)(NULL, 0, 0, NULL, NULL, NULL, void_arg);
+ return;
+ }
initui();
else
{
/* siefca@pld.org.pl */
- querybuf=parse_select_clause (select_clause, "*",
- defdomain, "enumerate");
+ querybuf=auth_parse_select_clause (escape_str,
+ select_clause, "*",
+ defdomain, "enumerate");
if (!querybuf)
{
DPRINTF("authmysql: parse_select_clause failed");
HCoop / hcoop / debian / courier-authlib.git / blobdiff