Attachment #178579 for bug #255031

View | Details | Raw Unified | Return to bug 255031
Collapse All | Expand All

Lines 340-345 typedef struct { Link Here

(-)mod-auth-mysql~/mod_auth_mysql.c (-20 / +31 lines)
340		340
341	module auth_mysql_module;	341	module auth_mysql_module;
342		342
		343	static int open_auth_dblink(request_rec r, mysql_auth_config_rec sec);
		344
343	#ifdef APACHE2	345	#ifdef APACHE2
344	static apr_status_t	346	static apr_status_t
345	#else	347	#else
Lines 506-514 static const char *set_scrambled_passwor Link Here
506	* server when passed in as part of a query.	508	* server when passed in as part of a query.
507	*/	509	*/
508	#ifdef APACHE2	510	#ifdef APACHE2
509	static char mysql_escape(char str, apr_pool_t *p)	511	static char mysql_escape(mysql_auth_config_rec sec, request_rec r, char str, apr_pool_t *p)
510	#else	512	#else
511	static char mysql_escape(char str, pool *p)	513	static char mysql_escape(mysql_auth_config_rec sec, request_rec r, char str, pool *p)
512	#endif	514	#endif
513	{	515	{
514	char *dest;	516	char *dest;
Lines 522-528 static char mysql_escape(char str, poo Link Here
522	return str;	524	return str;
523	}	525	}
524		526
525	mysql_escape_string(dest, str, strlen(str));	527	mysql_real_escape_string(sec->dbh, dest, str, strlen(str));
526		528
527	return dest;	529	return dest;
528	}	530	}
Lines 1374-1398 static int open_auth_dblink(request_rec Link Here
1374	}	1376	}
1375		1377
1376	if (sec->db_charset) {	1378	if (sec->db_charset) {
		1379	const char *check;
		1380
1377	APACHELOG(APLOG_DEBUG, r,	1381	APACHELOG(APLOG_DEBUG, r,
1378	"Setting character set to %s", sec->db_charset);	1382	"Setting character set to %s", sec->db_charset);
1379		1383
1380	query = (char *) PSTRCAT(r->pool, "SET CHARACTER SET ", sec->db_charset, NULL);	1384	mysql_set_character_set(sec->dbh, sec->db_charset);
1381	if (!query) {
1382	APACHELOG(APLOG_ERR, r,
1383	"Failed to create query string - we're no good...");
1384	return -1;
1385	}
1386		1385
1387	if (mysql_query(sec->dbh, query)) {	1386	check = mysql_character_set_name(sec->dbh);
1388	if (sec->dbh)
1389	{
1390	APACHELOG(APLOG_ERR, r,
1391	"Query call failed: %s (%i)", mysql_error(sec->dbh),
1392	mysql_errno(sec->dbh));
1393	}
1394		1387
1395	APACHELOG(APLOG_DEBUG, r, "Failed query was: [%s]", query);	1388	if (!check \|\| strcmp(sec->db_charset, check)) {
		1389	APACHELOG(APLOG_ERR, r,
		1390	"Failed to set character set to %s", sec->db_charset);
1396	return -1;	1391	return -1;
1397	}	1392	}
1398	}	1393	}
Lines 1537-1547 static int mysql_check_user_password(req Link Here
1537	char auth_table = "mysql_auth", auth_user_field = "username",	1532	char auth_table = "mysql_auth", auth_user_field = "username",
1538	auth_password_field = "passwd", auth_password_clause = "";	1533	auth_password_field = "passwd", auth_password_clause = "";
1539	char *query;	1534	char *query;
1540	char *esc_user = mysql_escape(user, r->pool);	1535	char *esc_user = NULL;
1541	MYSQL_RES *result;	1536	MYSQL_RES *result;
1542	MYSQL_ROW sql_row;	1537	MYSQL_ROW sql_row;
		1538	int error = CR_UNKNOWN_ERROR;
1543	int rv;	1539	int rv;
1544		1540
		1541	if (!sec->dbh) {
		1542	APACHELOG(APLOG_DEBUG, r,
		1543	"No DB connection open - firing one up");
		1544	if ((error = open_auth_dblink(r, sec))) {
		1545	APACHELOG(APLOG_DEBUG, r,
		1546	"open_auth_dblink returned %i", error);
		1547	return error;
		1548	}
		1549
		1550	APACHELOG(APLOG_DEBUG, r,
		1551	"Correctly opened a new DB connection");
		1552	}
		1553
		1554	esc_user = mysql_escape(sec, r, user, r->pool);
		1555
1545	if (sec->user_table) {	1556	if (sec->user_table) {
1546	auth_table = sec->user_table;	1557	auth_table = sec->user_table;
1547	}	1558	}
Lines 1627-1634 static int mysql_check_group(request_rec Link Here
1627	{	1638	{
1628	char auth_table = "mysql_auth", auth_group_field="groups", *auth_group_clause="";	1639	char auth_table = "mysql_auth", auth_group_field="groups", *auth_group_clause="";
1629	char *query;	1640	char *query;
1630	char *esc_user = mysql_escape(user, r->pool);	1641	char *esc_user = mysql_escape(sec, r, user, r->pool);
1631	char *esc_group = mysql_escape(group, r->pool);	1642	char *esc_group = mysql_escape(sec, r, group, r->pool);
1632	MYSQL_RES *result;	1643	MYSQL_RES *result;
1633	MYSQL_ROW row;	1644	MYSQL_ROW row;
1634	char *auth_user_field = "username";	1645	char *auth_user_field = "username";

Return to bug 255031