struct authmysqluserinfo *auth_mysql_getuserinfo(const char *username,
const char *service)
{
const char *defdomain =NULL;
char *querybuf;
MYSQL_ROW row;
MYSQL_RES *result;
int num_fields;
char *endp;
const char *select_clause; /* [email protected] */
#define DEFAULT_SELECT_QUERY "SELECT %s, %s, %s, %s, %s, %s, %s, %s, %s, %s FROM %s WHERE %s = '%s%s%s' %s%s%s", \
login_field, crypt_field, clear_field, uid_field,\
gid_field, home_field, maildir_field, quota_field,\
name_field, options_field, user_table, login_field,\
username_escaped,\
has_domain || !*defdomain ? "":"@", has_domain ? "":defdomain, \
*where_clause ? " AND (":"", where_clause,\
*where_clause ? ")":""
if (do_connect()) return (0);
initui();
select_clause=read_env("MYSQL_SELECT_CLAUSE");
defdomain=read_env("DEFAULT_DOMAIN");
if (!defdomain) defdomain="";
if (!select_clause) /* [email protected] */
{
const char *user_table,
*crypt_field,
*clear_field,
*name_field,
*uid_field,
*gid_field,
*login_field,
*home_field,
*maildir_field,
*quota_field,
*options_field,
*where_clause;
char *username_escaped;
size_t query_size;
char dummy_buf[1];
int has_domain;
user_table=read_env("MYSQL_USER_TABLE");
if (!user_table)
{
err("authmysql: MYSQL_USER_TABLE not set in "
AUTHMYSQLRC ".");
return (0);
}
crypt_field=read_env("MYSQL_CRYPT_PWFIELD");
clear_field=read_env("MYSQL_CLEAR_PWFIELD");
name_field=read_env("MYSQL_NAME_FIELD");
if (!crypt_field && !clear_field)
{
err("authmysql: MYSQL_CRYPT_PWFIELD and "
"MYSQL_CLEAR_PWFIELD not set in " AUTHMYSQLRC ".");
return (0);
}
if (!crypt_field) crypt_field="\"\"";
if (!clear_field) clear_field="\"\"";
if (!name_field) name_field="\"\"";
uid_field = read_env("MYSQL_UID_FIELD");
if (!uid_field) uid_field = "uid";
gid_field = read_env("MYSQL_GID_FIELD");
if (!gid_field) gid_field = "gid";
login_field = read_env("MYSQL_LOGIN_FIELD");
if (!login_field) login_field = "id";
home_field = read_env("MYSQL_HOME_FIELD");
if (!home_field) home_field = "home";
maildir_field=read_env(service && strcmp(service, "courier")==0
? "MYSQL_DEFAULTDELIVERY"
: "MYSQL_MAILDIR_FIELD");
if (!maildir_field) maildir_field="\"\"";
quota_field=read_env("MYSQL_QUOTA_FIELD");
if (!quota_field) quota_field="\"\"";
options_field=read_env("MYSQL_AUXOPTIONS_FIELD");
if (!options_field) options_field="\"\"";
where_clause=read_env("MYSQL_WHERE_CLAUSE");
if (!where_clause) where_clause = "";
username_escaped=malloc(strlen(username)*2+1);
if (!username_escaped)
{
perror("malloc");
return (0);
}
mysql_real_escape_string(mysql, username_escaped,
username, strlen(username));
has_domain=strchr(username, '@') != NULL;
query_size=snprintf(dummy_buf, 1, DEFAULT_SELECT_QUERY);
querybuf=malloc(query_size+1);
if (!querybuf)
{
free(username_escaped);
perror("malloc");
return(0);
}
snprintf(querybuf, query_size+1, DEFAULT_SELECT_QUERY);
free(username_escaped);
}
else
{
/* [email protected] */
querybuf=parse_select_clause (select_clause, username,
defdomain, service);
if (!querybuf)
{
DPRINTF("parse_select_clause failed (DEFAULT_DOMAIN not set?)");
return 0;
}
}
DPRINTF("SQL query: %s", querybuf);
if (mysql_query (mysql, querybuf))
{
/* <*****@*****.**> */
DPRINTF("mysql_query failed, reconnecting: %s", mysql_error(mysql));
auth_mysql_cleanup();
if (do_connect())
{
free(querybuf);
return (0);
}
if (mysql_query (mysql, querybuf))
{
DPRINTF("mysql_query failed second time, giving up: %s", mysql_error(mysql));
free(querybuf);
auth_mysql_cleanup();
/* Server went down, that's OK,
** try again next time.
*/
return (0);
}
}
free(querybuf);
result = mysql_store_result (mysql);
if (result)
{
if (mysql_num_rows(result))
{
row = mysql_fetch_row (result);
num_fields = mysql_num_fields (result);
if (num_fields < 6)
{
DPRINTF("incomplete row, only %d fields returned",
num_fields);
mysql_free_result(result);
return(0);
}
if (row[0] && row[0][0])
ui.username=strdup(row[0]);
if (row[1] && row[1][0])
ui.cryptpw=strdup(row[1]);
if (row[2] && row[2][0])
ui.clearpw=strdup(row[2]);
/* perhaps authmysql needs a glob_uid/glob_gid feature
like authldap? */
if (!row[3] || !row[3][0] ||
(ui.uid=strtol(row[3], &endp, 10), endp[0] != '\0'))
{
DPRINTF("invalid value for uid: '%s'",
row[3] ? row[3] : "<null>");
mysql_free_result(result);
return 0;
}
if (!row[4] || !row[4][0] ||
(ui.gid=strtol(row[4], &endp, 10), endp[0] != '\0'))
{
DPRINTF("invalid value for gid: '%s'",
row[4] ? row[4] : "<null>");
mysql_free_result(result);
return 0;
}
if (row[5] && row[5][0])
ui.home=strdup(row[5]);
else
{
DPRINTF("required value for 'home' (column 6) is missing");
mysql_free_result(result);
return(0);
}
if (num_fields > 6 && row[6] && row[6][0])
ui.maildir=strdup(row[6]);
if (num_fields > 7 && row[7] && row[7][0])
ui.quota=strdup(row[7]);
if (num_fields > 8 && row[8] && row[8][0])
ui.fullname=strdup(row[8]);
if (num_fields > 9 && row[9] && row[9][0])
ui.options=strdup(row[9]);
}
else
{
DPRINTF("zero rows returned");
mysql_free_result(result);
return (&ui); /* User not found */
}
}
else
{
DPRINTF("mysql_store_result failed");
return (0);
}
mysql_free_result(result);
return (&ui);
}
struct authpgsqluserinfo *auth_pgsql_getuserinfo(const char *username)
{
const char *user_table=NULL;
const char *defdomain;
char *querybuf, *p;
const char *crypt_field=NULL,
*clear_field=NULL,
*maildir_field=NULL,
*home_field=NULL,
*name_field=NULL,
*login_field=NULL,
*uid_field=NULL,
*gid_field=NULL,
*quota_field=NULL,
*where_clause=NULL,
*select_clause=NULL; /* [email protected] */
static const char query[]=
"SELECT %s, %s, %s, %s, %s, %s, %s, %s, %s FROM %s WHERE %s = '";
if (do_connect()) return (0);
if (ui.username)
free(ui.username);
if (ui.cryptpw)
free(ui.cryptpw);
if (ui.clearpw)
free(ui.clearpw);
if (ui.home)
free(ui.home);
if (ui.maildir)
free(ui.maildir);
if (ui.quota)
free(ui.quota);
if (ui.fullname)
free(ui.fullname);
memset(&ui, 0, sizeof(ui));
/*
fprintf(DEBUG,"1Leggo parametri\n");
fflush(DEBUG);
*/
select_clause=read_env("PGSQL_SELECT_CLAUSE");
defdomain=read_env("DEFAULT_DOMAIN");
if (!select_clause) /* [email protected] */
{
user_table=read_env("PGSQL_USER_TABLE");
if (!user_table)
{
fprintf(stderr, "authpgsql: PGSQL_USER_TABLE not set in "
AUTHPGSQLRC ".\n");
return (0);
}
crypt_field=read_env("PGSQL_CRYPT_PWFIELD");
clear_field=read_env("PGSQL_CLEAR_PWFIELD");
name_field=read_env("PGSQL_NAME_FIELD");
/*
fprintf(DEBUG,"2Leggo parametri\n");
fflush(DEBUG);
*/
if (!crypt_field && !clear_field)
{
fprintf(stderr,
"authpgsql: PGSQL_CRYPT_PWFIELD and "
"PGSQL_CLEAR_PWFIELD not set in " AUTHPGSQLRC ".\n");
return (0);
}
if (!crypt_field) crypt_field="''";
if (!clear_field) clear_field="''";
if (!name_field) name_field="''";
uid_field = read_env("PGSQL_UID_FIELD");
if (!uid_field) uid_field = "uid";
gid_field = read_env("PGSQL_GID_FIELD");
if (!gid_field) gid_field = "gid";
login_field = read_env("PGSQL_LOGIN_FIELD");
if (!login_field) login_field = "id";
home_field = read_env("PGSQL_HOME_FIELD");
if (!home_field) home_field = "home";
maildir_field=read_env("PGSQL_MAILDIR_FIELD");
if (!maildir_field) maildir_field="''";
quota_field=read_env("PGSQL_QUOTA_FIELD");
if (!quota_field) quota_field="''";
where_clause=read_env("PGSQL_WHERE_CLAUSE");
if (!where_clause) where_clause = "";
}
if (!defdomain) defdomain="";
if (!select_clause) /* [email protected] */
{
querybuf=malloc(sizeof(query) + 100 + strlen(user_table) + strlen(defdomain)
+ strlen(crypt_field) + strlen(clear_field) + strlen(maildir_field)
+ strlen(uid_field) + strlen(gid_field) + 2 * strlen(login_field)
+ strlen(home_field) + strlen(quota_field) + strlen(where_clause)
+ strlen(name_field));
if (!querybuf)
{
perror("malloc");
return (0);
}
sprintf(querybuf, query, login_field, crypt_field, clear_field,
uid_field, gid_field, home_field, maildir_field, quota_field,
name_field, user_table, login_field);
p=querybuf+strlen(querybuf);
append_username(p, username, defdomain);
strcat(p, "'");
if (strcmp(where_clause, "")) {
strcat(p, " AND (");
strcat(p, where_clause);
strcat(p, ")");
}
}
else
{
/* [email protected] */
querybuf=parse_select_clause (select_clause, username, defdomain);
if (!querybuf) return 0;
}
/*
fprintf(DEBUG,"Eseguo la query:\n%s\n",querybuf);
fflush(DEBUG);
*/
pgresult = PQexec(pgconn, querybuf);
if (!pgresult || PQresultStatus(pgresult) != PGRES_TUPLES_OK)
{
/*
fprintf(DEBUG,"Problema\n");
fflush(DEBUG);
*/
PQclear(pgresult);
/* <*****@*****.**> */
auth_pgsql_cleanup();
if (do_connect())
{
free(querybuf);
return (0);
}
pgresult = PQexec(pgconn, querybuf);
if (!pgresult || PQresultStatus(pgresult) != PGRES_TUPLES_OK)
{
/*
fprintf(DEBUG,"Problemadoppio\n");
fflush(DEBUG);
*/
PQclear(pgresult);
free(querybuf);
auth_pgsql_cleanup();
/* Server went down, that's OK,
** try again next time.
*/
return (0);
}
}
free(querybuf);
/*
fprintf(DEBUG,"La query e' ok\n");
fflush(DEBUG);
*/
if (PQntuples(pgresult)>0)
{
/*
fprintf(DEBUG,"Leggo i risultati\n");
fflush(DEBUG);
*/
ui.username=strdup(PQgetvalue(pgresult,0,0));
ui.cryptpw=strdup(PQgetvalue(pgresult,0,1));
ui.clearpw=strdup(PQgetvalue(pgresult,0,2));
ui.uid=atol(PQgetvalue(pgresult,0,3));
ui.gid=atol(PQgetvalue(pgresult,0,4));
ui.home=strdup(PQgetvalue(pgresult,0,5));
ui.maildir=strdup(PQgetvalue(pgresult,0,6));
ui.quota=strdup(PQgetvalue(pgresult,0,7));
ui.fullname=strdup(PQgetvalue(pgresult,0,8));
/*
fprintf(DEBUG,"risultati letti\n");
fflush(DEBUG);
*/
if (!ui.username || !ui.cryptpw ||
!ui.home || !ui.maildir ||
!ui.quota)
{
PQclear(pgresult);
return (0);
}
/*
fprintf(DEBUG,"ci sono tutti\n");
fflush(DEBUG);
*/
if (!ui.cryptpw[0])
{
free(ui.cryptpw);
ui.cryptpw=0;
}
if (!ui.clearpw[0])
{
free(ui.clearpw);
ui.clearpw=0;
}
}
PQclear(pgresult);
/*
fprintf(DEBUG,"Mail dir:%s\n",ui.maildir);
fflush(DEBUG);
*/
return (&ui);
}
void auth_mysql_enumerate( void(*cb_func)(const char *name,
uid_t uid,
gid_t gid,
const char *homedir,
const char *maildir,
const char *options,
void *void_arg),
void *void_arg)
{
const char *defdomain, *select_clause;
char *querybuf;
MYSQL_ROW row;
MYSQL_RES *result;
if (do_connect()) return;
initui();
select_clause=read_env("MYSQL_ENUMERATE_CLAUSE");
defdomain=read_env("DEFAULT_DOMAIN");
if (!defdomain || !defdomain[0])
defdomain="*"; /* otherwise parse_select_clause fails */
if (!select_clause)
{
const char *user_table,
*uid_field,
*gid_field,
*login_field,
*home_field,
*maildir_field,
*options_field,
*where_clause;
char dummy_buf[1];
size_t query_len;
user_table=read_env("MYSQL_USER_TABLE");
if (!user_table)
{
err("authmysql: MYSQL_USER_TABLE not set in "
AUTHMYSQLRC ".");
return;
}
uid_field = read_env("MYSQL_UID_FIELD");
if (!uid_field) uid_field = "uid";
gid_field = read_env("MYSQL_GID_FIELD");
if (!gid_field) gid_field = "gid";
login_field = read_env("MYSQL_LOGIN_FIELD");
if (!login_field) login_field = "id";
home_field = read_env("MYSQL_HOME_FIELD");
if (!home_field) home_field = "home";
maildir_field=read_env("MYSQL_MAILDIR_FIELD");
if (!maildir_field) maildir_field="\"\"";
options_field=read_env("MYSQL_AUXOPTIONS_FIELD");
if (!options_field) options_field="\"\"";
where_clause=read_env("MYSQL_WHERE_CLAUSE");
if (!where_clause) where_clause = "";
#define DEFAULT_ENUMERATE_QUERY \
"SELECT %s, %s, %s, %s, %s, %s FROM %s %s%s",\
login_field, uid_field, gid_field, \
home_field, maildir_field, \
options_field, user_table, \
*where_clause ? " WHERE ":"", \
where_clause
query_len=snprintf(dummy_buf, 1, DEFAULT_ENUMERATE_QUERY);
querybuf=malloc(query_len+1);
if (!querybuf)
{
perror("malloc");
return;
}
snprintf(querybuf, query_len+1, DEFAULT_ENUMERATE_QUERY);
}
else
{
/* [email protected] */
querybuf=parse_select_clause (select_clause, "*",
defdomain, "enumerate");
if (!querybuf)
{
DPRINTF("authmysql: parse_select_clause failed");
return;
}
}
DPRINTF("authmysql: enumerate query: %s", querybuf);
if (mysql_query (mysql, querybuf))
{
DPRINTF("mysql_query failed, reconnecting: %s", mysql_error(mysql));
/* <*****@*****.**> */
auth_mysql_cleanup();
if (do_connect())
{
free(querybuf);
return;
}
if (mysql_query (mysql, querybuf))
{
DPRINTF("mysql_query failed second time, giving up: %s", mysql_error(mysql));
free(querybuf);
auth_mysql_cleanup();
return;
}
}
free(querybuf);
result = mysql_use_result (mysql);
if (result)
{
const char *username;
uid_t uid;
gid_t gid;
const char *homedir;
const char *maildir;
const char *options;
while ((row = mysql_fetch_row (result)) != NULL)
{
if(!row[0] || !row[0][0]
|| !row[1] || !row[1][0]
|| !row[2] || !row[2][0]
|| !row[3] || !row[3][0])
{
continue;
}
username=row[0];
uid=atol(row[1]); /* FIXME use strtol to validate */
gid=atol(row[2]);
homedir=row[3];
maildir=row[4];
options=row[5];
if (maildir && !*maildir)
maildir=NULL;
(*cb_func)(username, uid, gid, homedir,
maildir, options, void_arg);
}
}
/* NULL row could indicate end of result or an error */
if (mysql_errno(mysql))
{
DPRINTF("mysql error during enumeration: %s", mysql_error(mysql));
}
else
(*cb_func)(NULL, 0, 0, NULL, NULL, NULL, void_arg);
if (result) mysql_free_result(result);
}