From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 23 Jun 2021 13:22:37 +0000 (-0400)
Subject: catch things we know are wrong, instead of requiring SELECT
X-Git-Tag: release_3_0_24~191
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8df38da8fbd444c70996ee49c141edbcf46061f6;p=thirdparty%2Ffreeradius-server.git

catch things we know are wrong, instead of requiring SELECT

which allows CALL to be used
---

diff --git a/src/modules/rlm_sql_map/rlm_sql_map.c b/src/modules/rlm_sql_map/rlm_sql_map.c
index 5443cf3c4f0..e720c8e7aa0 100644
--- a/src/modules/rlm_sql_map/rlm_sql_map.c
+++ b/src/modules/rlm_sql_map/rlm_sql_map.c
@@ -317,8 +317,10 @@ static int mod_bootstrap(CONF_SECTION *conf, void *instance)
 
 	while (isspace((int) *p)) p++;
 
-	if (strncasecmp(p, "select", 6) != 0) {
-		cf_log_err_cs(conf, "'query' MUST be 'SELECT ...', not 'INSERT' or 'UPDATE'");
+	if ((strncasecmp(p, "insert", 6) == 0) ||
+	    (strncasecmp(p, "update", 6) == 0) ||
+	    (strncasecmp(p, "delete", 6) == 0)) {
+		cf_log_err_cs(conf, "'query' MUST be 'SELECT ...', not 'INSERT', 'UPDATE', or 'DELETE'");
 		return -1;
 	}