X-Git-Url: https://git.hcoop.net/hcoop/debian/exim4.git/blobdiff_plain/ed7df6aed3350267779da0674e270711e5914e79..d1d56ac364669b9a323ad9494f96398ba502dac0:/src/lookups/pgsql.c diff --git a/src/lookups/pgsql.c b/src/lookups/pgsql.c index 95b1b8c..d71f97b 100644 --- a/src/lookups/pgsql.c +++ b/src/lookups/pgsql.c @@ -2,7 +2,7 @@ * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2009 */ +/* Copyright (c) University of Cambridge 1995 - 2015 */ /* See the file NOTICE for conditions of use and distribution. */ /* Thanks to Petr Cech for contributing the original code for these @@ -97,7 +97,7 @@ configuration line for PostgreSQL via Unix domain sockets looks like this: hide pgsql_servers = (/tmp/.s.PGSQL.5432)/db/user/password[:] We enclose the path name in parentheses so that its slashes aren't visually -confused with the delimeters for the other pgsql_server settings. +confused with the delimiters for the other pgsql_server settings. For TCP/IP connections, the server is a host name and optional port (with a colon separator). @@ -118,18 +118,18 @@ Returns: OK, FAIL, or DEFER */ static int -perform_pgsql_search(uschar *query, uschar *server, uschar **resultptr, - uschar **errmsg, BOOL *defer_break, BOOL *do_cache) +perform_pgsql_search(const uschar *query, uschar *server, uschar **resultptr, + uschar **errmsg, BOOL *defer_break, uint *do_cache) { PGconn *pg_conn = NULL; PGresult *pg_result = NULL; int i; +uschar *result = NULL; int ssize = 0; int offset = 0; int yield = DEFER; unsigned int num_fields, num_tuples; -uschar *result = NULL; pgsql_connection *cn; uschar *server_copy = NULL; uschar *sdata[3]; @@ -290,10 +290,10 @@ else /* The command was successful but did not return any data since it was * not SELECT but either an INSERT, UPDATE or DELETE statement. Tell the * high level code to not cache this query, and clean the current cache for - * this handle by setting *do_cache FALSE. */ + * this handle by setting *do_cache zero. */ result = string_copy(US PQcmdTuples(pg_result)); offset = Ustrlen(result); - *do_cache = FALSE; + *do_cache = 0; DEBUG(D_lookup) debug_printf("PGSQL: command does not return any data " "but was successful. Rows affected: %s\n", result); @@ -327,11 +327,11 @@ row, we insert '\n' between them. */ for (i = 0; i < num_tuples; i++) { if (result != NULL) - result = string_cat(result, &ssize, &offset, US"\n", 1); + result = string_catn(result, &ssize, &offset, US"\n", 1); if (num_fields == 1) { - result = string_cat(result, &ssize, &offset, + result = string_catn(result, &ssize, &offset, US PQgetvalue(pg_result, i, 0), PQgetlength(pg_result, i, 0)); } @@ -371,7 +371,7 @@ it is cached. */ if (pg_result != NULL) PQclear(pg_result); -/* Non-NULL result indicates a sucessful result */ +/* Non-NULL result indicates a successful result */ if (result != NULL) { @@ -398,8 +398,8 @@ query is deferred with a retryable error is now in a separate function that is shared with other SQL lookups. */ static int -pgsql_find(void *handle, uschar *filename, uschar *query, int length, - uschar **result, uschar **errmsg, BOOL *do_cache) +pgsql_find(void *handle, uschar *filename, const uschar *query, int length, + uschar **result, uschar **errmsg, uint *do_cache) { return lf_sqlperform(US"PostgreSQL", US"pgsql_servers", pgsql_servers, query, result, errmsg, do_cache, perform_pgsql_search); @@ -413,12 +413,6 @@ return lf_sqlperform(US"PostgreSQL", US"pgsql_servers", pgsql_servers, query, /* The characters that always need to be quoted (with backslash) are newline, tab, carriage return, backspace, backslash itself, and the quote characters. -Percent and underscore are only special in contexts where they can be wild -cards, and this isn't usually the case for data inserted from messages, since -that isn't likely to be treated as a pattern of any kind. However, pgsql seems -to allow escaping "on spec". If you use something like "where id="ab\%cd" it -does treat the string as "ab%cd". So we can safely quote percent and -underscore. [This is different to MySQL, where you can't do this.] The original code quoted single quotes as \' which is documented as valid in the O'Reilly book "Practical PostgreSQL" (first edition) as an alternative to @@ -448,7 +442,7 @@ uschar *quoted; if (opt != NULL) return NULL; /* No options recognized */ while ((c = *t++) != 0) - if (Ustrchr("\n\t\r\b\'\"\\%_", c) != NULL) count++; + if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++; if (count == 0) return s; t = quoted = store_get(Ustrlen(s) + count + 1); @@ -460,7 +454,7 @@ while ((c = *s++) != 0) *t++ = '\''; *t++ = '\''; } - else if (Ustrchr("\n\t\r\b\"\\%_", c) != NULL) + else if (Ustrchr("\n\t\r\b\"\\", c) != NULL) { *t++ = '\\'; switch(c)