From: Phil Mayers
Date: Fri, 21 Sep 2012 16:55:48 +0000 (+0100)
Subject: rlm_sql: use escape function argument to make safe-characters per-instance rather...
X-Git-Tag: release_3_0_0_beta1~1662^2~1^2~5
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b2f9f15ce52f83e577ef2306c73290d888edfb70;p=thirdparty%2Ffreeradius-server.git
rlm_sql: use escape function argument to make safe-characters per-instance rather than global
---
diff --git a/src/modules/rlm_sql/rlm_sql.c b/src/modules/rlm_sql/rlm_sql.c
index 0ff428b13b7..2dee3ff657f 100644
--- a/src/modules/rlm_sql/rlm_sql.c
+++ b/src/modules/rlm_sql/rlm_sql.c
@@ -39,8 +39,6 @@ RCSID("$Id$")
 #include "rlm_sql.h"
-static char *allowed_chars = NULL;
-
 static const CONF_PARSER section_config[] = {
 { "reference", PW_TYPE_STRING_PTR, offsetof(rlm_sql_config_section_t, reference), NULL, ".query"},
@@ -155,7 +153,7 @@ static size_t sql_xlat(void *instance, REQUEST *request,
 /*
 * Do an xlat on the provided string (nice recursive operation).
 */
- if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func, inst)) {
 radlog(L_ERR, "rlm_sql (%s): xlat failed.", inst->config->xlat_name);
 return 0;
@@ -403,8 +401,9 @@ static int generate_sql_clients(SQL_INST *inst)
 /*
 * Translate the SQL queries.
 */
-static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen, const char *in, UNUSED void *arg)
+static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen, const char *in, void *arg)
 {
+ SQL_INST *inst = arg;
 size_t len = 0;
 while (in[0]) {
@@ -413,7 +412,7 @@ static size_t sql_escape_func(UNUSED REQUEST *request, char *out, size_t outlen,
 * mime-encoded equivalents.
 */
 if ((in[0] < 32) ||
- strchr(allowed_chars, *in) == NULL) {
+ strchr(inst->config->allowed_chars, *in) == NULL) {
 /*
 * Only 3 or less bytes available.
 */
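Review bot: `sql_escape_func` now dereferences `arg` with no guard: `SQL_INST *inst = arg;` feeds `strchr(inst->config->allowed_chars, *in)`, so a `radius_xlat(..., sql_escape_func, NULL)` call that this patch missed, or an instance whose `allowed_chars` is unset, becomes a NULL dereference on the first input byte. Because this function is what keeps request attributes from altering the query text, it is worth failing loudly at the top, e.g. `rad_assert(inst && inst->config && inst->config->allowed_chars);` (assuming rad_assert.h is included in this file), together with a one-line comment stating that `arg` must be the owning `SQL_INST`. Only part of the function body is visible in these two hunks, and the rest of the file should be checked for any call site still passing `NULL`.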
@@ -520,7 +519,7 @@ static int sql_get_grouplist (SQL_INST *inst, SQLSOCK *sqlsocket, REQUEST *reque
 (inst->config->groupmemb_query[0] == 0)) return 0;
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, request, sql_escape_func, inst)) {
 radlog_request(L_ERR, 0, request, "xlat \"%s\" failed.", inst->config->groupmemb_query);
 return -1;
@@ -671,7 +670,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql
 return -1;
 }
 pairadd(&request->packet->vps, sql_group);
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_check_query, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_check_query, request, sql_escape_func, inst)) {
 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
 /* Remove the grouup we added above */
@@ -699,7 +698,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql
 /*
 * Now get the reply pairs since the paircompare matched
 */
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func, inst)) {
 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
 /* Remove the grouup we added above */
 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
@@ -734,7 +733,7 @@ static int rlm_sql_process_groups(SQL_INST *inst, REQUEST *request, SQLSOCK *sql
 /*
 * Now get the reply pairs since the paircompare matched
 */
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_group_reply_query, request, sql_escape_func, inst)) {
 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
 /* Remove the grouup we added above */
 pairdelete(&request->packet->vps, PW_SQL_GROUP, 0);
@@ -809,12 +808,6 @@ static int rlm_sql_detach(void *instance)
 free(*p);
 *p = NULL;
 }
- /*
- * Catch multiple instances of the module.
- */
- if (allowed_chars == inst->config->allowed_chars) {
- allowed_chars = NULL;
- }
 free(inst->config);
 inst->config = NULL;
 }
@@ -1003,7 +996,6 @@ static int rlm_sql_instantiate(CONF_SECTION * conf, void **instance)
 goto error;
 }
 }
- allowed_chars = inst->config->allowed_chars;
 *instance = inst;
@@ -1060,7 +1052,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request)
 /*
 * Alright, start by getting the specific entry for the user
 */
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_check_query, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_check_query, request, sql_escape_func, inst)) {
 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
 sql_release_socket(inst, sqlsocket);
 /* Remove the username we (maybe) added above */
@@ -1089,7 +1081,7 @@ static int rlm_sql_authorize(void *instance, REQUEST * request)
 /*
 * Now get the reply pairs since the paircompare matched
 */
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_reply_query, request, sql_escape_func, NULL)) {
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->authorize_reply_query, request, sql_escape_func, inst)) {
 radlog_request(L_ERR, 0, request, "Error generating query; rejecting user");
 sql_release_socket(inst, sqlsocket);
 /* Remove the username we (maybe) added above */
@@ -1265,7 +1257,7 @@ static int rlm_sql_redundant(SQL_INST *inst, REQUEST *request,
 goto null_query;
 radius_xlat(querystr, sizeof(querystr), value, request,
- sql_escape_func, NULL);
+ sql_escape_func, inst);
 if (!*querystr) goto null_query;
@@ -1379,7 +1371,7 @@ static int rlm_sql_checksimul(void *instance, REQUEST * request) {
 if(sql_set_user(inst, request, sqlusername, NULL) < 0) return RLM_MODULE_FAIL;
- radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func, NULL);
+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func, inst);
 /* initialize the sql socket */
 sqlsocket = sql_get_socket(inst);
@@ -1423,7 +1415,7 @@ static int rlm_sql_checksimul(void *instance, REQUEST * request) {
 return RLM_MODULE_OK;
 }
- radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func, NULL);
+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func, inst);
 if(rlm_sql_select_query(&sqlsocket, inst, querystr)) {
 sql_release_socket(inst, sqlsocket);
 return RLM_MODULE_FAIL;
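Review bot: Both `radius_xlat()` calls in `rlm_sql_checksimul` discard the return value, unlike the authorize and group call sites in this patch, which test `if (!radius_xlat(...))` and reject the request. In the last hunk `querystr` is handed to `rlm_sql_select_query()` on the very next line, so a failed expansion would reach the database unchecked; the `simul_count_query` call in the previous hunk has the same shape, and `rlm_sql_redundant` only tests `!*querystr`. Consider wrapping the verify call as `if (!radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func, inst)) {` followed by `sql_release_socket(inst, sqlsocket); return RLM_MODULE_FAIL;`, and a plain `return RLM_MODULE_FAIL;` for the count query, where no socket is held yet in the visible lines. What `radius_xlat` leaves in the buffer on failure is not visible here, and the function continues outside these hunks.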