src/auth/passdb-sql.c

	passdb-sql.c revision 1e7252421b9c85b898fef7e75bd6422ef1f046e4
153bb1867986d6db392e2cfa711ad6231fce8abeJon A. Cruz/* Copyright (C) 2004 Timo Sirainen, Alex Howansky */
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include "common.h"
5ef6cb9428f2e6f5457e890a1c3b37f53730c07aFelipe C. da S. Sanches
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#ifdef PASSDB_SQL
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include "str.h"
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include "strescape.h"
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include "var-expand.h"
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include "safe-memset.h"
5c45bb188ab729e501e48732842cb9de6a9813beAlex Valavanis#include "password-scheme.h"
5c45bb188ab729e501e48732842cb9de6a9813beAlex Valavanis#include "auth-cache.h"
d43aaac876bf967f3ab5a14f9abffd79d7959c80Alex Valavanis#include "db-sql.h"
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis#include "passdb.h"
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include <stdlib.h>
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental#include <string.h>
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmentalstruct sql_passdb_module {
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct passdb_module module;
201dd75f32dd95c5f030d70991f0bad30e7ff2b7Johan Engelen
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    struct sql_connection *conn;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis};
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanisstruct passdb_sql_request {
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    struct auth_request *auth_request;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    union {
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        verify_plain_callback_t *verify_plain;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental                lookup_credentials_callback_t *lookup_credentials;
97aa2c127aec1580cca1fcbe303253df3029df39nicholasbishop        set_credentials_callback_t *set_credentials;
97aa2c127aec1580cca1fcbe303253df3029df39nicholasbishop    } callback;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental};
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
d754d035663e44cb000f1f2b41a2fe8bfcfebd6djucabluesstatic void sql_query_save_results(struct sql_result *result,
5cf332777b4c27336d64c273ac63bce3ee27a53dAlex Valavanis                   struct passdb_sql_request *sql_request)
5cf332777b4c27336d64c273ac63bce3ee27a53dAlex Valavanis{
d754d035663e44cb000f1f2b41a2fe8bfcfebd6djucablues    struct auth_request *auth_request = sql_request->auth_request;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct passdb_module *_module = auth_request->passdb->passdb;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct sql_passdb_module *module = (struct sql_passdb_module *)_module;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    unsigned int i, fields_count;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    const char *name, *value;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        fields_count = sql_result_get_fields_count(result);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    for (i = 0; i < fields_count; i++) {
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop        name = sql_result_get_field_name(result, i);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        value = sql_result_get_field_value(result, i);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        if (*name != '\0' && value != NULL) {
68991a79a8befd84ef9af0fd4ee9922e149c5205nicholasbishop            auth_request_set_field(auth_request, name, value,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis                module->conn->set.default_pass_scheme);
68991a79a8befd84ef9af0fd4ee9922e149c5205nicholasbishop        }
68991a79a8befd84ef9af0fd4ee9922e149c5205nicholasbishop    }
68991a79a8befd84ef9af0fd4ee9922e149c5205nicholasbishop}
68991a79a8befd84ef9af0fd4ee9922e149c5205nicholasbishop
68991a79a8befd84ef9af0fd4ee9922e149c5205nicholasbishopstatic void sql_query_callback(struct sql_result *result,
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                   struct passdb_sql_request *sql_request)
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop{
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    struct auth_request *auth_request = sql_request->auth_request;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    enum passdb_result passdb_result;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    const char *user, *password, *scheme;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    int ret;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    passdb_result = PASSDB_RESULT_INTERNAL_FAILURE;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    user = auth_request->user;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    password = NULL;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    ret = sql_result_next_row(result);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    if (ret < 0) {
685292a24e42a23ca4fa7cc467398ce10fcfd453JucaBlues        auth_request_log_error(auth_request, "sql",
685292a24e42a23ca4fa7cc467398ce10fcfd453JucaBlues                       "Password query failed: %s",
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis                       sql_result_get_error(result));
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    } else if (ret == 0) {
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop        auth_request_log_info(auth_request, "sql", "unknown user");
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        passdb_result = PASSDB_RESULT_USER_UNKNOWN;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    } else {
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        sql_query_save_results(result, sql_request);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        /* Note that we really want to check if the password field is
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental           found. Just checking if password is set isn't enough,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis           because with proxies we might want to return NULL as
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental           password. */
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        if (sql_result_find_field(result, "password") < 0) {
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental            auth_request_log_error(auth_request, "sql",
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental                "Password query must return a field named "
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis                "'password'");
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        } else if (sql_result_next_row(result) > 0) {
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis            auth_request_log_error(auth_request, "sql",
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental                "Password query returned multiple matches");
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        } else if (auth_request->passdb_password == NULL &&
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental               !auth_request->no_password) {
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental            auth_request_log_info(auth_request, "sql",
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental                "Empty password returned without no_password");
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental            passdb_result = PASSDB_RESULT_PASSWORD_MISMATCH;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        } else {
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis            /* passdb_password may change on the way,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis               so we'll need to strdup. */
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental            password = t_strdup(auth_request->passdb_password);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis            passdb_result = PASSDB_RESULT_OK;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        }
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    }
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    scheme = password_get_scheme(&password);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    /* auth_request_set_field() sets scheme */
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    i_assert(password == NULL || scheme != NULL);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    if (auth_request->credentials_scheme != NULL) {
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        passdb_handle_credentials(passdb_result, password, scheme,
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental            sql_request->callback.lookup_credentials,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis            auth_request);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        auth_request_unref(&auth_request);
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        return;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    }
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    /* verify plain */
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    if (password == NULL) {
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        sql_request->callback.verify_plain(passdb_result, auth_request);
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        auth_request_unref(&auth_request);
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis        return;
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis    }
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    ret = auth_request_password_verify(auth_request,
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis                       auth_request->mech_password,
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental                       password, scheme, "sql");
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    sql_request->callback.verify_plain(ret > 0 ? PASSDB_RESULT_OK :
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis                       PASSDB_RESULT_PASSWORD_MISMATCH,
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis                       auth_request);
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis    auth_request_unref(&auth_request);
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanis}
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
cff0a1487c551f4d21d1d6da1c81335435814675Alex Valavanisstatic const char *
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmentalpassdb_sql_escape(const char *str, const struct auth_request *auth_request)
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental{
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct passdb_module *_module = auth_request->passdb->passdb;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct sql_passdb_module *module = (struct sql_passdb_module *)_module;
9982f495cde2750b1c6446bfb152af73ab981512Johan Engelen
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    return sql_escape_string(module->conn->db, str);
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental}
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
9982f495cde2750b1c6446bfb152af73ab981512Johan Engelenstatic void sql_lookup_pass(struct passdb_sql_request *sql_request)
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental{
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct passdb_module *_module =
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        sql_request->auth_request->passdb->passdb;
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct sql_passdb_module *module = (struct sql_passdb_module *)_module;
328fffb9854baed083286c6ff41b8a040298b340nicholasbishop    string_t *query;
328fffb9854baed083286c6ff41b8a040298b340nicholasbishop
328fffb9854baed083286c6ff41b8a040298b340nicholasbishop    query = t_str_new(512);
328fffb9854baed083286c6ff41b8a040298b340nicholasbishop    var_expand(query, module->conn->set.password_query,
328fffb9854baed083286c6ff41b8a040298b340nicholasbishop           auth_request_get_var_expand_table(sql_request->auth_request,
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                             passdb_sql_escape));
d754d035663e44cb000f1f2b41a2fe8bfcfebd6djucablues
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    auth_request_log_debug(sql_request->auth_request, "sql",
d754d035663e44cb000f1f2b41a2fe8bfcfebd6djucablues                   "query: %s", str_c(query));
d754d035663e44cb000f1f2b41a2fe8bfcfebd6djucablues
752bd54d33076c171ca18f54c41c21fb0fa2ef35JazzyNico    auth_request_ref(sql_request->auth_request);
752bd54d33076c171ca18f54c41c21fb0fa2ef35JazzyNico    sql_query(module->conn->db, str_c(query),
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop          sql_query_callback, sql_request);
97aa2c127aec1580cca1fcbe303253df3029df39nicholasbishop}
97aa2c127aec1580cca1fcbe303253df3029df39nicholasbishop
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanisstatic void sql_verify_plain(struct auth_request *request,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis                 const char *password __attr_unused__,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis                 verify_plain_callback_t *callback)
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis{
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    struct passdb_sql_request *sql_request;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request = p_new(request->pool, struct passdb_sql_request, 1);
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    sql_request->auth_request = request;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    sql_request->callback.verify_plain = callback;
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    sql_lookup_pass(sql_request);
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop}
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishopstatic void sql_lookup_credentials(struct auth_request *request,
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop                   lookup_credentials_callback_t *callback)
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop{
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    struct passdb_sql_request *sql_request;
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    sql_request = p_new(request->pool, struct passdb_sql_request, 1);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request->auth_request = request;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request->callback.lookup_credentials = callback;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop        sql_lookup_pass(sql_request);
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop}
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishopstatic void sql_set_credentials_callback(const char *error,
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop                     struct passdb_sql_request *sql_request)
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop{
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    enum passdb_result result;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    if (error == NULL)
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop        result = PASSDB_RESULT_OK;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    else {
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop        result = PASSDB_RESULT_INTERNAL_FAILURE;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop        auth_request_log_error(sql_request->auth_request, "sql",
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                       "Set credentials query failed: %s",
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                       error);
4524755733342d1f59efec7d655bfb6a47c0ab72John Smith    }
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request->callback.set_credentials(result,
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                          sql_request->auth_request);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    i_free(sql_request);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop}
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
e1340809e493886df96a707098af3f6923069ff8nicholasbishopstatic int sql_set_credentials(struct auth_request *request,
e1340809e493886df96a707098af3f6923069ff8nicholasbishop                   const char *new_credentials,
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis                   set_credentials_callback_t *callback)
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis{
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    struct sql_passdb_module *module =
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis        (struct sql_passdb_module *) request->passdb->passdb;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    struct sql_transaction_context *transaction;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    struct passdb_sql_request *sql_request;
3deb9b5ce0f058530cd0749009464b5afe8cf09cAlex Valavanis    string_t *query;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    t_push();
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    request->mech_password = p_strdup(request->pool, new_credentials);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    query = t_str_new(512);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    var_expand(query, module->conn->set.update_query,
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop           auth_request_get_var_expand_table(request,
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                             passdb_sql_escape));
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request = i_new(struct passdb_sql_request, 1);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request->auth_request = request;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_request->callback.set_credentials = callback;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    transaction = sql_transaction_begin(module->conn->db);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_update(transaction, str_c(query));
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    sql_transaction_commit(&transaction,
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop                   sql_set_credentials_callback, sql_request);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    t_pop();
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    return 0;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop}
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishopstatic struct passdb_module *
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishoppassdb_sql_preinit(struct auth_passdb *auth_passdb, const char *args)
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop{
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    struct sql_passdb_module *module;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    struct sql_connection *conn;
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    module = p_new(auth_passdb->auth->pool, struct sql_passdb_module, 1);
d297097bc1b9d4e074089ea5d649c2a0d270ff42nicholasbishop    module->conn = conn = db_sql_init(args);
e3b2acf99faddc117281614b33fe55e7c8141278nicholasbishop
e3b2acf99faddc117281614b33fe55e7c8141278nicholasbishop    module->module.cache_key =
e3b2acf99faddc117281614b33fe55e7c8141278nicholasbishop        auth_cache_parse_key(auth_passdb->auth->pool,
e3b2acf99faddc117281614b33fe55e7c8141278nicholasbishop                     conn->set.password_query);
e3b2acf99faddc117281614b33fe55e7c8141278nicholasbishop    module->module.default_pass_scheme = conn->set.default_pass_scheme;
e3b2acf99faddc117281614b33fe55e7c8141278nicholasbishop    return &module->module;
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop}
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishopstatic void passdb_sql_init(struct passdb_module *_module,
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop                const char *args __attr_unused__)
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop{
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    struct sql_passdb_module *module =
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop        (struct sql_passdb_module *)_module;
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    enum sql_db_flags flags;
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    flags = sql_get_flags(module->conn->db);
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop    module->module.blocking = (flags & SQL_DB_FLAG_BLOCKING) != 0;
b068af856bbc33238f425b3221426aa52e554ce0nicholasbishop
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    if (!module->module.blocking || worker)
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental                sql_connect(module->conn->db);
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental}
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
375a47157c1740a5fdd9ad733c347a53381531abAlex Valavanisstatic void passdb_sql_deinit(struct passdb_module *_module)
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental{
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    struct sql_passdb_module *module =
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental        (struct sql_passdb_module *)_module;
375a47157c1740a5fdd9ad733c347a53381531abAlex Valavanis
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental    db_sql_unref(&module->conn);
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental}
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmental
6e369d7e74c36e07f5fb1e27d37923fbed7dd89cmentalstruct passdb_module_interface passdb_sql = {
375a47157c1740a5fdd9ad733c347a53381531abAlex Valavanis    "sql",

    passdb_sql_preinit,
    passdb_sql_init,
    passdb_sql_deinit,

    sql_verify_plain,
    sql_lookup_credentials,
    sql_set_credentials
};

#endif