Commit | Line | Data |
---|---|---|
f8beb284 MW |
1 | /*$Id: checktag.c,v 1.11 1999/11/10 04:08:27 lindberg Exp $*/ |
2 | /*$Name: ezmlm-idx-040 $*/ | |
3 | #include "stralloc.h" | |
4 | #include "scan.h" | |
5 | #include "fmt.h" | |
6 | #include "cookie.h" | |
7 | #include "makehash.h" | |
8 | #include "strerr.h" | |
9 | #include "errtxt.h" | |
10 | #include "subscribe.h" | |
11 | #include <mysql.h> | |
12 | ||
13 | static stralloc key = {0}; | |
14 | static stralloc line = {0}; | |
15 | static stralloc quoted = {0}; | |
16 | static char strnum[FMT_ULONG]; | |
17 | static char newcookie[COOKIE]; | |
18 | ||
19 | char *checktag (dir,num,listno,action,seed,hash) | |
20 | /* reads dir/sql. If not present, returns success (NULL). If dir/sql is */ | |
21 | /* present, checks hash against the cookie table. If match, returns success*/ | |
22 | /* (NULL), else returns "". If error, returns error string. */ | |
23 | ||
24 | char *dir; /* the db base dir */ | |
25 | unsigned long num; /* message number */ | |
26 | unsigned long listno; /* bottom of range => slave */ | |
27 | char *action; | |
28 | char *seed; /* cookie base */ | |
29 | char *hash; /* cookie */ | |
30 | { | |
31 | MYSQL_RES *result; | |
32 | MYSQL_ROW row; | |
33 | char *table = (char *) 0; | |
34 | char *r; | |
35 | ||
36 | if ((r = opensql(dir,&table))) { | |
37 | if (*r) return r; | |
38 | if (!seed) return (char *) 0; /* no data - accept */ | |
39 | ||
40 | strnum[fmt_ulong(strnum,num)] = '\0'; /* message nr ->string*/ | |
41 | ||
42 | switch(slurp("key",&key,32)) { | |
43 | case -1: | |
44 | return ERR_READ_KEY; | |
45 | case 0: | |
46 | return ERR_NOEXIST_KEY; | |
47 | } | |
48 | ||
49 | cookie(newcookie,key.s,key.len,strnum,seed,action); | |
50 | if (byte_diff(hash,COOKIE,newcookie)) return ""; | |
51 | else return (char *) 0; | |
52 | ||
53 | } else { | |
54 | ||
55 | /* SELECT msgnum FROM table_cookie WHERE msgnum=num and cookie='hash' */ | |
56 | /* succeeds only is everything correct. 'hash' is quoted since it is */ | |
57 | /* potentially hostile. */ | |
58 | if (listno) { /* only for slaves */ | |
59 | if (!stralloc_copys(&line,"SELECT listno FROM ")) return ERR_NOMEM; | |
60 | if (!stralloc_cats(&line,table)) return ERR_NOMEM; | |
61 | if (!stralloc_cats(&line,"_mlog WHERE listno=")) return ERR_NOMEM; | |
62 | if (!stralloc_catb(&line,strnum,fmt_ulong(strnum,listno))) | |
63 | return ERR_NOMEM; | |
64 | if (!stralloc_cats(&line," AND msgnum=")) return ERR_NOMEM; | |
65 | if (!stralloc_catb(&line,strnum,fmt_ulong(strnum,num))) return ERR_NOMEM; | |
66 | if (!stralloc_cats(&line," AND done > 3")) return ERR_NOMEM; | |
67 | if (mysql_real_query((MYSQL *) psql,line.s,line.len) != 0) | |
68 | return mysql_error((MYSQL *) psql); /* query */ | |
69 | if (!(result = mysql_use_result((MYSQL *) psql))) /* use result */ | |
70 | return mysql_error((MYSQL *) psql); | |
71 | if ((row = mysql_fetch_row(result))) | |
72 | return ""; /*already done */ | |
73 | else /* no result */ | |
74 | if (!mysql_eof(result)) | |
75 | return mysql_error((MYSQL *) psql); | |
76 | mysql_free_result(result); /* free res */ | |
77 | } | |
78 | ||
79 | if (!stralloc_copys(&line,"SELECT msgnum FROM ")) return ERR_NOMEM; | |
80 | if (!stralloc_cats(&line,table)) return ERR_NOMEM; | |
81 | if (!stralloc_cats(&line,"_cookie WHERE msgnum=")) return ERR_NOMEM; | |
82 | if (!stralloc_catb(&line,strnum,fmt_ulong(strnum,num))) return ERR_NOMEM; | |
83 | if (!stralloc_cats(&line," and cookie='")) return ERR_NOMEM; | |
84 | if (!stralloc_ready("ed,COOKIE * 2 + 1)) return ERR_NOMEM; | |
85 | quoted.len = mysql_escape_string(quoted.s,hash,COOKIE); | |
86 | if (!stralloc_cat(&line,"ed)) return ERR_NOMEM; | |
87 | if (!stralloc_cats(&line,"'")) return ERR_NOMEM; | |
88 | ||
89 | if (mysql_real_query((MYSQL *) psql,line.s,line.len) != 0) /* select */ | |
90 | return mysql_error((MYSQL *) psql); | |
91 | if (!(result = mysql_use_result((MYSQL *) psql))) | |
92 | return mysql_error((MYSQL *) psql); | |
93 | if (!mysql_fetch_row(result)) { | |
94 | if (!mysql_eof(result)) /* some error occurred */ | |
95 | return mysql_error((MYSQL *) psql); | |
96 | mysql_free_result(result); /* eof => query ok, but null result*/ | |
97 | return ""; /* not parent => perm error */ | |
98 | } | |
99 | mysql_free_result(result); /* success! cookie matches */ | |
100 | if (listno) | |
101 | (void) logmsg(dir,num,listno,0L,3); /* non-ess mysql logging */ | |
102 | return (char *)0; | |
103 | } | |
104 | } |