head	1.2;
access;
symbols;
locks; strict;
comment	@# @;


1.2
date	2001.03.07.00.32.00;	author mharo;	state dead;
branches;
next	1.1;

1.1
date	2001.02.11.21.26.53;	author mharo;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update to 1.2.1

* Update master sites
* Use bzip2 distfiles instead of gzip
* Add WITHOUT_PAM support.
* Add the quota and wrap (TCP Wrappers support) modules.

Submitted by:	Anders Nordby <anders@@fix.no>
@
text
@--- contrib/mod_sqlpw.c.old	Sun Feb 11 19:47:34 2001
+++ contrib/mod_sqlpw.c	Sun Feb 11 19:45:37 2001
@@@@ -0,0 +1,1020 @@@@
+/*
+ * ProFTPD: mod_sql -- SQL frontend and user interface.
+ * Time-stamp: <1999-10-04 03:58:01 root>
+ * Copyright (c) 1998-1999 Johnie Ingram.
+ *  
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307, USA.
+ */
+
+#define MOD_SQL_VERSION "mod_sqlpw/2.0"
+
+/* This is mod_sqlpw, contrib software for proftpd 1.2.0pre3 and above.
+   For more information contact Johnie Ingram <johnie@@netgod.net>.
+
+   History Log:
+
+   * 2000-03-16: Added SQLKeyField and SQLKey directive, which
+     should allow authentication of different logins for different
+     VirtualHosts to be in the same database table.
+     Jake Buchholz <jake@@execpc.com>
+
+   * 1999-09-19: v2.0: Backend directives split into mod_mysql.
+     Runtime API added.  Username/passwords now escaped for SQL.
+
+   * 1999-09-16: v1.0: Added documentation, made directives more
+     generic ("MySQL" -> "SQL" except for MySQLInfo).  Dir part of
+     SQLLogDirs finally made optional.
+
+   * 1999-06-01: v0.3: fixed segfault, changed 'strncmp' typo which
+     should have been copy.  Made uid/gid support optional.
+   
+   * 1999-05-03: v0.2: Removed dead code, fix bug with interaction
+     with anon-user support.  Added MySQLLogHits and MySQLHomedir
+     directives.  Fixed atoi() invocation that could segfault.
+     Copious debugging code added.
+
+   * 1999-04-09: v0.1: Initial attempt (mod_mysql).
+
+*/
+
+#include "conf.h"
+#ifdef HAVE_CRYPT_H
+#include <crypt.h>
+#endif
+
+#include <mysql.h>
+
+/* *INDENT-OFF* */
+
+/* The Debian defintion of nobody/nogroup, minus 1 (used in getgwnam).  */
+#define MOD_SQL_MAGIC_USER 65533
+#define MOD_SQL_MAGIC_GROUP 65533
+
+/* A uid or gid less than this is mapped to the magic numbers above
+   instead of simply rejected (which is arguably better, hmm.) */
+#define MOD_SQL_MIN_ID 999
+
+#define MOD_SQL_MAGIC_SHELL "/bin/sh"
+
+/* Maximum username field to expect, etc. */
+#define ARBITRARY_MAX                   128
+
+static struct {
+  char user [ARBITRARY_MAX];
+  struct passwd pw;           /* Scratch space for the getpwnam call. */
+  char *pass;                 /* The password from db. */
+
+  char *homedir;              /* Set when getpwnam is called. */
+  int pwnamed;                /* Set when getpwnam is called. */
+  int sqled;                  /* Set if sql auth was used. */
+
+  char *sql_usertable;        /* CREATE TABLE users ( */
+  char *sql_userid;           /* userid varchar(50) NOT NULL, */
+  char *sql_passwd;           /* passwd varchar(15), */
+
+  char *sql_uid;              /* uid int(5), */
+  char *sql_gid;              /* gid int(5), */
+
+  char *sql_fstor;            /* fstor int(11) NOT NULL DEFAULT '0', */
+  char *sql_fretr;            /* fretr int(11) NOT NULL DEFAULT '0', */
+  char *sql_bstor;            /* bstor int(11) NOT NULL DEFAULT '0', */
+  char *sql_bretr;            /* bretr int(11) NOT NULL DEFAULT '0', */
+
+  char *sql_fhdir;            /* fhdir varchar(255), */
+
+  char *sql_fhost;            /* fhost varchar(50), */
+  char *sql_faddr;            /* faddr char(15), */
+  char *sql_ftime;            /* ftime timestamp, */
+
+  char *sql_fcdir;            /* fcdir varchar(255), */
+
+  char *sql_frate;            /* frate int(11) NOT NULL DEFAULT '5', */
+  char *sql_fcred;            /* fcred int(2) NOT NULL DEFAULT '15', */
+  char *sql_brate;            /* brate int(11) NOT NULL DEFAULT '5', */
+  char *sql_bcred;            /* bcred int(2) NOT NULL DEFAULT '150000', */
+
+  char *sql_flogs;            /* flogs int(11) NOT NULL DEFAULT '0', */
+
+  char *sql_hittable;
+  char *sql_dir;
+  char *sql_filename;
+  char *sql_hits;
+
+  char *sql_keyfld;          /* table column name that stores the key */
+  char *sql_key;             /* the key to match db table entries against */
+
+  char *loginmsg;
+  int ok;
+
+} g;
+
+/* *INDENT-ON* */
+
+/* **************************************************************** */
+
+/* Functions make_cmd and dispatch liberally stolen from auth.c. */
+
+static cmd_rec *
+_make_cmd (pool * cp, int argc, ...)
+{
+  va_list args;
+  cmd_rec *c;
+  int i;
+
+  c = pcalloc (cp, sizeof (cmd_rec));
+  c->argc = argc;
+  c->symtable_index = -1;
+
+  c->argv = pcalloc (cp, sizeof (void *) * (argc + 1));
+  c->argv[0] = MOD_SQL_VERSION;
+  va_start (args, argc);
+  for (i = 0; i < argc; i++)
+    c->argv[i + 1] = (void *) va_arg (args, char *);
+  va_end (args);
+
+  return c;
+}
+
+static modret_t *
+_dispatch_sql (cmd_rec * cmd, char *match)
+{
+  authtable *m;
+  modret_t *mr = NULL;
+
+  m = mod_find_auth_symbol (match, &cmd->symtable_index, NULL);
+  while (m)
+    {
+      mr = call_module_auth (m->m, m->handler, cmd);
+      if (MODRET_ISHANDLED (mr) || MODRET_ISERROR (mr))
+	break;
+      m = mod_find_auth_symbol (match, &cmd->symtable_index, m);
+    }
+  if (MODRET_ISERROR (mr))
+    log_debug (DEBUG0, "Aiee! sql internal!  %s", MODRET_ERRMSG (mr));
+  return mr;
+}
+
+MODRET
+modsql_open (cmd_rec * cmd)
+{
+  cmd_rec *c;
+  modret_t *mr;
+
+  c = _make_cmd (cmd ? cmd->tmp_pool : permanent_pool, 0);
+  mr = _dispatch_sql (c, "dbd_open");
+  if (c->tmp_pool)
+    destroy_pool (c->tmp_pool);
+  return mr;
+}
+
+MODRET
+modsql_close (cmd_rec * cmd)
+{
+  cmd_rec *c;
+  modret_t *mr;
+
+  c = _make_cmd (cmd ? cmd->tmp_pool : permanent_pool, 0);
+  mr = _dispatch_sql (c, "dbd_close");
+  if (c->tmp_pool)
+    destroy_pool (c->tmp_pool);
+  return mr;
+}
+
+MODRET
+modsql_update (cmd_rec * cmd, const char *query)
+{
+  cmd_rec *c;
+  modret_t *mr;
+
+  c = _make_cmd (cmd->tmp_pool, 1, query);
+  mr = _dispatch_sql (c, "dbd_update");
+  if (c->tmp_pool)
+    destroy_pool (c->tmp_pool);
+  return mr;
+}
+
+MODRET
+modsql_select (cmd_rec * cmd, const char *query)
+{
+  cmd_rec *c;
+  modret_t *mr;
+
+  c = _make_cmd (cmd->tmp_pool, 1, query);
+  mr = _dispatch_sql (c, "dbd_select");
+  if (c->tmp_pool)
+    destroy_pool (c->tmp_pool);
+  return mr;
+}
+
+MODRET
+modsql_queryuser (cmd_rec * cmd, const char *user, const char *query,
+		  int update)
+{
+  char *realquery;
+
+  if ((update) && (!g.sql_keyfld))
+    realquery = pstrcat (cmd->tmp_pool, "update ", g.sql_usertable,
+			 " set ", query, " where ", g.sql_userid, " = '",
+			 user, "'", NULL);
+  else if ((update) && (g.sql_keyfld))
+    realquery = pstrcat (cmd->tmp_pool, "update ", g.sql_usertable,
+			 " set ", query, " where ", g.sql_userid, " = '",
+			 user, "' and ", g.sql_keyfld, " = '",
+			 g.sql_key, "'", NULL);
+  else if ((!update) && (!g.sql_keyfld))
+    realquery = pstrcat (cmd->tmp_pool, "select ", query, " from ",
+			 g.sql_usertable, " where ", g.sql_userid,
+			 " = '", user, "'", NULL);
+  else
+    realquery = pstrcat (cmd->tmp_pool, "select ", query, " from ",
+			 g.sql_usertable, " where ", g.sql_userid,
+			 " = '", user, "' and ", g.sql_keyfld, " = '",
+			 g.sql_key, "'", NULL);
+  return (update) ? modsql_update (cmd, realquery)
+    : modsql_select (cmd, realquery);
+}
+
+/* **************************************************************** */
+
+static char *
+_uservar (cmd_rec * cmd, const char *user, const char *var)
+{
+  cmd_rec *c;
+  modret_t *mr;
+  char *query;
+  char **data;
+
+  if (!g.sql_keyfld)
+    query = pstrcat (cmd->tmp_pool, "select ", var, " from ",
+		   g.sql_usertable, " where ", g.sql_userid,
+		   " = '", user, "'", NULL);
+  else
+    query = pstrcat (cmd->tmp_pool, "select ", var, " from ",
+		   g.sql_usertable, " where ", g.sql_userid,
+		   " = '", user, "' and ", g.sql_keyfld, " = '",
+		   g.sql_key, "'", NULL);
+  c = _make_cmd (cmd->tmp_pool, 1, query);
+
+  mr = _dispatch_sql (c, "dbd_select");
+
+  if (c->tmp_pool)
+    destroy_pool (c->tmp_pool);
+  if (MODRET_ISHANDLED (mr))
+    {
+      data = mr->data;
+      return (data) ? data[0] : NULL;
+    }
+
+  return NULL;
+}
+
+/* Note: This function is called once by the master proftpd process
+   before it forks, so thankfully the homedir field is only set in the
+   child_init(). */
+
+MODRET
+auth_cmd_getpwnam (cmd_rec * cmd)
+{
+  const char *homedir;
+
+  if (!g.sql_fhdir && !g.homedir)
+    return DECLINED (cmd);
+
+  /* Only try this for the USER command (is also called twice after
+     PASS for some reason.  [update: 1 is dir_realpath/defroot related.] */
+  if (!g.homedir && !g.pwnamed++)
+    {
+      if ((homedir = _uservar (cmd, cmd->argv[0], g.sql_fhdir)))
+	g.homedir = pstrdup (session.pool, homedir);
+    }
+  if (!g.homedir)
+    return DECLINED (cmd);
+
+  if (!g.pw.pw_name)
+    {
+      g.pw.pw_name = pstrdup(session.pool, cmd->argv[0]);
+      if (g.sql_uid)
+	g.pw.pw_uid = atoi (_uservar (cmd, cmd->argv[0], g.sql_uid) ? : "0");
+      if (g.pw.pw_uid < MOD_SQL_MIN_ID)
+	g.pw.pw_uid = MOD_SQL_MAGIC_USER;
+      if (g.sql_gid)
+	g.pw.pw_gid = atoi (_uservar (cmd, cmd->argv[0], g.sql_gid) ? : "0");
+      if (g.pw.pw_gid < MOD_SQL_MIN_ID)
+	g.pw.pw_gid = MOD_SQL_MAGIC_GROUP;
+      g.pw.pw_shell = MOD_SQL_MAGIC_SHELL;
+      g.pw.pw_dir = (char *) g.homedir;
+      log_debug (DEBUG3, "sqlpw: user \"%s\" (%i/%i) for %s",
+		 cmd->argv[0], g.pw.pw_uid, g.pw.pw_gid, g.pw.pw_dir);
+
+      /* Copy username so proftpd anon handling won't confuse the issue. */
+
+      /* FIXME: unnecessary mysqlism */
+      mysql_escape_string (g.user, g.pw.pw_name, strlen (g.pw.pw_name));
+      g.user[ARBITRARY_MAX - 1] = 0;
+    }
+
+  return mod_create_data (cmd, &g.pw);
+}
+
+/* Returns 1 on successful match, 0 unsuccessful match, -1 on error. */
+
+static int
+_checkpass (cmd_rec * cmd, const char *user, const char *pass)
+{
+  int success = 0;
+  char *query;
+  int emptyok, cplain, ccrypt;
+  char **row;
+  MODRET mr;
+
+  emptyok = get_param_int (CURRENT_CONF, "SQLEmptyPasswords", FALSE);
+  cplain = get_param_int (CURRENT_CONF, "SQLPlaintextPasswords", FALSE);
+  ccrypt = get_param_int (CURRENT_CONF, "SQLEncryptedPasswords", FALSE);
+
+  if (!g.sql_keyfld)
+    query = pstrcat (cmd->tmp_pool, "select ", g.sql_passwd, " from ",
+		   g.sql_usertable, " where ", g.sql_userid,
+		   " = '", user, "'", " limit 2", NULL);
+  else
+    query = pstrcat (cmd->tmp_pool, "select ", g.sql_passwd, " from ",
+		   g.sql_usertable, " where ", g.sql_userid,
+		   " = '", user, "' and ", g.sql_keyfld, " = '",
+		   g.sql_key, "' limit 2", NULL);
+  mr = modsql_select (cmd, query);
+  if (!(MODRET_HASDATA (mr)))
+    return -1;
+
+  row = mr->data;
+  if (row[0] == 0)
+    return 0;
+
+  if (!row[0])
+    {
+      log_debug (DEBUG4, "sqlpw: %s auth declined for NULL pass", user);
+      return 0;
+    }
+
+  if (row[1])
+    {
+      log_debug (DEBUG3, "sqlpw: %s pass result was not unique", user);
+      return -1;
+    }
+
+  if (emptyok == TRUE && !strlen (row[0]))
+    {
+      log_debug (DEBUG4, "sqlpw: warning: %s has empty password", user);
+      success = 1;
+    }
+
+  if (!success && cplain == TRUE && !strncasecmp (row[0], pass, 10))
+    {
+      success = 1;
+    }
+
+  /* Deliberate: ccrypt same if TRUE or -1 (unspecified). */
+  if (!success && ccrypt)
+    {
+      if (!strcmp (query = (char *) crypt (pass, row[0]), row[0]))
+	success = 1;
+    }
+
+  if (!success)
+    log_debug (DEBUG5, "sqlpw: %s auth failed: '%s' != '%s'",
+	       user, pass, row ? row[0] : "");
+  return success;
+}
+
+MODRET
+auth_cmd_auth (cmd_rec * cmd)
+{
+  char *user, *pass;
+  int return_type;
+  int retval = AUTH_NOPWD;
+
+  if (!g.sql_passwd || !g.homedir)
+    return DECLINED (cmd);
+
+  /* Figure out our default return style: Whether or not SQL should
+   * allow other auth modules a shot at this user or not is controlled
+   * by the parameter "SQLAuthoritative".  Like mod_pam this
+   * defaults to no.  */
+  if((return_type = get_param_int (CURRENT_CONF,
+				   "SQLAuthoritative", FALSE)) == -1) {
+    return_type = 0;
+  }
+
+  /* Just in case... */
+  if (cmd->argc != 2)
+    return return_type ? ERROR (cmd) : DECLINED (cmd);
+  if ((user = cmd->argv[0]) == NULL)
+    return return_type ? ERROR (cmd) : DECLINED (cmd);
+  if ((pass = cmd->argv[1]) == NULL)
+    return return_type ? ERROR (cmd) : DECLINED (cmd);
+
+  if (!g.pass
+      && get_param_int (CURRENT_CONF, "SQLEmptyPasswords", FALSE) == 2)
+    {
+      char *query;
+      char passbuf[ARBITRARY_MAX] = {'\0'};
+
+      /* FIXME: unnecessary mysqlism */
+      mysql_escape_string (passbuf, cmd->argv[1], strlen (cmd->argv[1]));
+      g.user[ARBITRARY_MAX - 1] = 0;
+
+      if (!g.sql_keyfld)
+        query = pstrcat (cmd->tmp_pool, "update ", g.sql_usertable,
+		       " set ", g.sql_passwd, " = '", passbuf,
+		       "' where ", g.sql_userid, " = '", g.user, "'", 0);
+      else
+        query = pstrcat (cmd->tmp_pool, "update ", g.sql_usertable,
+		       " set ", g.sql_passwd, " = '", passbuf,
+		       "' where ", g.sql_userid, " = '", g.user, "' and ",
+		       g.sql_keyfld, " = '", g.sql_key, "'", 0);
+      log_debug (DEBUG3, "sqlpw: %s NULL pass set to '%s'", user,
+		 cmd->argv[1], query);
+      modsql_update (cmd, query);
+    }
+
+  if (_checkpass (cmd, g.user, pass) != 1)
+    return return_type ? ERROR_INT (cmd, retval) : DECLINED (cmd);
+
+  g.sqled++;
+  return HANDLED (cmd);
+}
+
+MODRET
+auth_cmd_getstats (cmd_rec * cmd)
+{
+  MODRET mr;
+  char *query;
+
+  if (g.sql_fstor)
+    {
+      if (!g.sql_keyfld)
+        query = pstrcat (cmd->tmp_pool, "select ", g.sql_fstor, ", ",
+		       g.sql_fretr, ", ", g.sql_bstor, ", ",
+		       g.sql_bretr, " from ", g.sql_usertable, " where ",
+		       g.sql_userid, " = '", g.user, "'", NULL);
+      else
+        query = pstrcat (cmd->tmp_pool, "select ", g.sql_fstor, ", ",
+		       g.sql_fretr, ", ", g.sql_bstor, ", ",
+		       g.sql_bretr, " from ", g.sql_usertable, " where ",
+		       g.sql_userid, " = '", g.user, "' and ", g.sql_keyfld,
+		       " = '", g.sql_key, "'", NULL);
+      mr = modsql_select (cmd, query);
+      if (MODRET_HASDATA (mr))
+	return mr;
+    }
+  return DECLINED (cmd);
+}
+
+MODRET
+auth_cmd_getratio (cmd_rec * cmd)
+{
+  MODRET mr;
+  char *query;
+
+  if (g.sql_frate)
+    {
+      if (!g.sql_keyfld)
+        query = pstrcat (cmd->tmp_pool, "select ", g.sql_frate, ", ",
+		       g.sql_fcred, ", ", g.sql_brate, ", ",
+		       g.sql_bcred, " from ", g.sql_usertable, " where ",
+		       g.sql_userid, " = '", g.user, "'", NULL);
+      else
+        query = pstrcat (cmd->tmp_pool, "select ", g.sql_frate, ", ",
+		       g.sql_fcred, ", ", g.sql_brate, ", ",
+		       g.sql_bcred, " from ", g.sql_usertable, " where ",
+		       g.sql_userid, " = '", g.user, "' and ", g.sql_keyfld,
+		       " = '", g.sql_key, "'", NULL);
+      mr = modsql_select (cmd, query);
+      if (MODRET_HASDATA (mr))
+	return mr;
+    }
+  return DECLINED (cmd);
+}
+
+static authtable sqlpw_authtab[] = {
+
+  {0, "auth", auth_cmd_auth},
+  {0, "getpwnam", auth_cmd_getpwnam},
+  {0, "getstats", auth_cmd_getstats},
+  {0, "getratio", auth_cmd_getratio},
+  {0, NULL, NULL}
+};
+
+/* **************************************************************** */
+
+static void
+_setstats (cmd_rec * cmd, int fstor, int fretr, int bstor, int bretr)
+{
+  char query[ARBITRARY_MAX] = {'\0'};
+  snprintf (query, sizeof (query),
+	    "%s = %s + %i, %s = %s + %i, %s = %s + %i, %s = %s + %i",
+	    g.sql_fstor, g.sql_fstor, fstor,
+	    g.sql_fretr, g.sql_fretr, fretr,
+	    g.sql_bstor, g.sql_bstor, bstor, g.sql_bretr, g.sql_bretr, bretr);
+  modsql_queryuser (cmd, g.user, query, TRUE);
+}
+
+MODRET
+pre_cmd_quit (cmd_rec * cmd)
+{
+  if (g.ok)
+    modsql_close (cmd);
+  return DECLINED (cmd);
+}
+
+MODRET
+cmd_user (cmd_rec * cmd)
+{
+  if (!g.user[0])
+    sstrncpy (g.user, cmd->argv[1], ARBITRARY_MAX);
+
+  if (g.sql_passwd)
+    {
+      g.pass = (char *) _uservar (cmd, cmd->argv[1], g.sql_passwd);
+      if (!g.pass
+	  && get_param_int (CURRENT_CONF, "SQLEmptyPasswords", FALSE) == 2)
+	if (_uservar (cmd, cmd->argv[1], "1"))
+	  add_response (R_331, "Changing password for %s -- "
+			"this password will be saved.", cmd->argv[1]);
+    }
+  return DECLINED (cmd);
+}
+
+MODRET
+cmd_pass (cmd_rec * cmd)
+{
+  if (g.sql_passwd && !g.pass
+      && get_param_int (CURRENT_CONF, "SQLEmptyPasswords", FALSE) == 2)
+    add_response (R_230, "\"%s\" is the new user \"%s\" password.",
+		  cmd->argv[1], g.user);
+
+  /* This is called before the disconnect() in log_cmd_pass. */
+  if (g.sql_fcdir)
+    {
+      const char *d = _uservar (cmd, g.user, g.sql_fcdir);
+      if (d)
+	add_response (R_230, "\"%s\" was last directory.", d);
+    }
+
+  return DECLINED (cmd);
+}
+
+MODRET
+post_cmd_pass (cmd_rec * cmd)
+{
+  if (g.sql_passwd && g.sqled)
+    session.anon_user = session.user = (char *) g.user;
+  return DECLINED (cmd);
+}
+
+MODRET
+post_cmd_stor (cmd_rec * cmd)
+{
+  if (g.sql_fstor)
+    _setstats (cmd, 1, 0, session.xfer.total_bytes, 0);
+  return DECLINED (cmd);
+}
+
+MODRET
+cmd_retr (cmd_rec * cmd)
+{
+  int i;
+  char *path, *filename, *query;
+  if (g.sql_hittable)
+    {
+      path = dir_realpath (cmd->tmp_pool, cmd->argv[1]);
+      if (g.sql_dir && g.sql_dir[0])
+	{
+	  for (i = strlen (path), filename = path + i;
+	       *filename != '/' && i > 1; i--)
+	    filename--;
+	  *filename++ = 0;
+	  query = pstrcat (cmd->tmp_pool, "update ", g.sql_hittable,
+			   " set ", g.sql_hits, " = ", g.sql_hits,
+			   " + 1 where ", g.sql_dir, " = '", ++path,
+			   "' and ", g.sql_filename, " = '", filename,
+			   "'", 0);
+	}
+      else
+	query = pstrcat (cmd->tmp_pool, "update ", g.sql_hittable,
+			 " set ", g.sql_hits, " = ", g.sql_hits,
+			 " + 1 where ", g.sql_filename, " = '", path, "'", 0);
+      modsql_update (cmd, query);
+    }
+  return DECLINED (cmd);
+}
+
+MODRET
+post_cmd_retr (cmd_rec * cmd)
+{
+  if (g.sql_fretr)
+    _setstats (cmd, 0, 1, 0, session.xfer.total_bytes);
+  return DECLINED (cmd);
+}
+
+MODRET
+log_cmd_pass (cmd_rec * cmd)
+{
+  char *query;
+
+  if (g.sql_fhost)
+    {
+      query = pstrcat (cmd->tmp_pool, g.sql_fhost, " = '",
+		       session.c->remote_name, "', ", g.sql_faddr,
+		       " = '", inet_ntoa (*session.c->remote_ipaddr),
+		       "', ", g.sql_ftime, " = now()", NULL);
+      modsql_queryuser (cmd, g.user, query, TRUE);
+    }
+  if (g.sql_flogs)
+    {
+      query = pstrcat (cmd->tmp_pool, g.sql_flogs, " = ", g.sql_flogs,
+		       " + 1", NULL);
+      modsql_queryuser (cmd, g.user, query, TRUE);
+    }
+
+  /* Autononpersistence: disconnect now if no other feature is being used. */
+  if (!g.sql_fstor && !g.sql_fcdir && !g.sql_hittable)
+    modsql_close (cmd);
+  return DECLINED (cmd);
+}
+
+MODRET
+log_cmd_cwd (cmd_rec * cmd)
+{
+  if (g.sql_fcdir)
+    {
+      char *query = pstrcat (cmd->tmp_pool, g.sql_fcdir, " = '",
+			     session.cwd, "'", NULL);
+      modsql_queryuser (cmd, g.user, query, TRUE);
+    }
+  return DECLINED (cmd);
+}
+
+static cmdtable sqlpw_cmdtab[] = {
+/* *INDENT-OFF* */
+
+  { PRE_CMD,  C_QUIT,	G_NONE, pre_cmd_quit, 	FALSE, FALSE },
+  { CMD,      C_USER,	G_NONE, cmd_user, 	FALSE, FALSE },
+  { CMD,      C_PASS,	G_NONE, cmd_pass, 	FALSE, FALSE },
+  { POST_CMD, C_PASS,	G_NONE, post_cmd_pass, 	FALSE, FALSE },
+  { POST_CMD, C_STOR,	G_NONE, post_cmd_stor, 	FALSE, FALSE },
+  { POST_CMD, C_RETR,	G_NONE, post_cmd_retr, 	FALSE, FALSE },
+  { CMD,      C_RETR,	G_NONE, cmd_retr, 	FALSE, FALSE },
+  { LOG_CMD,  C_PASS,	G_NONE, log_cmd_pass, 	FALSE, FALSE },
+  { LOG_CMD,  C_CWD,	G_NONE, log_cmd_cwd, 	FALSE, FALSE },
+  { LOG_CMD,  C_CDUP,	G_NONE, log_cmd_cwd, 	FALSE, FALSE },
+
+  { 0,	      NULL }
+
+/* *INDENT-ON* */
+};
+
+/* **************************************************************** */
+
+MODRET
+set_sqlloghosts (cmd_rec * cmd)
+{
+  int b;
+
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+  switch (cmd->argc - 1)
+    {
+    default:
+      CONF_ERROR (cmd, "requires a boolean or 3 field names: "
+		  "fhost faddr ftime");
+    case 1:
+      if ((b = get_boolean (cmd, 1)) == -1)
+	CONF_ERROR (cmd, "requires a boolean or 3 field names: "
+		    "fhost faddr ftime");
+      if (b)
+	add_config_param_str ("SQLLogHosts", 3, "fhost", "faddr", "ftime");
+      break;
+
+    case 3:
+      add_config_param_str ("SQLLogHosts", 3,
+			    (void *) cmd->argv[1], (void *) cmd->argv[2],
+			    (void *) cmd->argv[3]);
+    }
+  return HANDLED (cmd);
+}
+
+MODRET
+set_sqllogstats (cmd_rec * cmd)
+{
+  int b;
+
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+  switch (cmd->argc - 1)
+    {
+    default:
+      CONF_ERROR (cmd, "requires a boolean or 4 field names: "
+		  "fstor fretr bstor bretr");
+    case 1:
+      if ((b = get_boolean (cmd, 1)) == -1)
+	CONF_ERROR (cmd, "requires a boolean or 4 field names: "
+		    "fstor fretr bstor bretr");
+      if (b)
+	add_config_param_str ("SQLLogStats", 4,
+			      "fstor", "fretr", "bstor", "bretr");
+      break;
+
+    case 4:
+      add_config_param_str ("SQLLogStats", 4,
+			    (void *) cmd->argv[1], (void *) cmd->argv[2],
+			    (void *) cmd->argv[3], (void *) cmd->argv[4]);
+    }
+  return HANDLED (cmd);
+}
+
+MODRET
+set_sqlloghits (cmd_rec * cmd)
+{
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+  switch (cmd->argc - 1)
+    {
+    default:
+      CONF_ERROR (cmd, "requires a table or table plus 3 fields: "
+		  "[table] filename count dir");
+    case 1:
+      add_config_param_str ("SQLLogHits", 4, (void *) cmd->argv[1],
+			    "filename", "count", "");
+      break;
+    case 3:
+      add_config_param_str ("SQLLogHits", 4,
+			    (void *) cmd->argv[1], (void *) cmd->argv[2],
+			    (void *) cmd->argv[3], "");
+
+    case 4:
+      add_config_param_str ("SQLLogHits", 4,
+			    (void *) cmd->argv[1], (void *) cmd->argv[2],
+			    (void *) cmd->argv[3], (void *) cmd->argv[4]);
+    }
+  return HANDLED (cmd);
+}
+
+MODRET
+set_sqllogdirs (cmd_rec * cmd)
+{
+  int b;
+
+  CHECK_ARGS (cmd, 1);
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+  if ((b = get_boolean (cmd, 1)) == -1)
+    add_config_param_str ("SQLLogDirs", 1, (void *) cmd->argv[1]);
+  else if (b)
+    add_config_param_str ("SQLLogDirs", 1, "fcdir");
+  return HANDLED (cmd);
+}
+
+MODRET
+set_sqlratios (cmd_rec * cmd)
+{
+  int b;
+
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+  switch (cmd->argc - 1)
+    {
+    default:
+      CONF_ERROR (cmd, "requires a boolean or 4 field names: "
+		  "frate fcred brate bcred");
+    case 1:
+      if ((b = get_boolean (cmd, 1)) == -1)
+	CONF_ERROR (cmd, "requires a boolean or 4 field names: "
+		    "frate fcred brate bcred");
+      if (b)
+	add_config_param_str ("SQLRatios", 4,
+			      "frate", "fcred", "brate", "bcred");
+      break;
+
+    case 4:
+      add_config_param_str ("SQLRatios", 4,
+			    (void *) cmd->argv[1], (void *) cmd->argv[2],
+			    (void *) cmd->argv[3], (void *) cmd->argv[4]);
+    }
+  return HANDLED (cmd);
+}
+
+MODRET
+set_sqlempty (cmd_rec * cmd)
+{
+  int b;
+  config_rec *c;
+
+  CHECK_ARGS (cmd, 1);
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+
+  if ((b = get_boolean (cmd, 1)) == -1)
+    {
+      if (!strcasecmp (cmd->argv[1], "set"))
+	b = 2;
+      else
+	CONF_ERROR (cmd, "requires 'set' or a boolean value");
+    }
+  c = add_config_param (cmd->argv[0], 1, (void *) b);
+  c->flags |= CF_MERGEDOWN;
+  return HANDLED (cmd);
+}
+
+MODRET
+add_globalstr (cmd_rec * cmd)
+{
+  CHECK_ARGS (cmd, 1);
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+  add_config_param_str (cmd->argv[0], 1, (void *) cmd->argv[1]);
+  return HANDLED (cmd);
+}
+
+MODRET
+add_virtualstr (cmd_rec * cmd)
+{
+  CHECK_ARGS (cmd, 1);
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL | CONF_VIRTUAL);
+  add_config_param_str (cmd->argv[0], 1, (void *) cmd->argv[1]);
+  return HANDLED (cmd);
+}
+
+MODRET
+add_globalbool (cmd_rec * cmd)
+{
+  int b;
+  config_rec *c;
+
+  CHECK_ARGS (cmd, 1);
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL);
+
+  b = get_boolean (cmd, 1);
+  if (b == -1)
+    CONF_ERROR (cmd, "requires a boolean value");
+  c = add_config_param (cmd->argv[0], 1, (void *) b);
+  c->flags |= CF_MERGEDOWN;
+  return HANDLED (cmd);
+}
+
+MODRET
+add_virtualbool (cmd_rec * cmd)
+{
+  int b;
+  config_rec *c;
+
+  CHECK_ARGS (cmd, 1);
+  CHECK_CONF (cmd, CONF_ROOT | CONF_GLOBAL | CONF_VIRTUAL);
+
+  b = get_boolean (cmd, 1);
+  if (b == -1)
+    CONF_ERROR (cmd, "requires a boolean value");
+  c = add_config_param (cmd->argv[0], 1, (void *) b);
+  c->flags |= CF_MERGEDOWN;
+  return HANDLED (cmd);
+}
+
+static conftable sqlpw_conftab[] = {
+/* *INDENT-OFF* */
+
+  { "SQLLogHosts",            set_sqlloghosts,   NULL },
+  { "SQLLogStats",            set_sqllogstats,   NULL },
+  { "SQLLogHits",             set_sqlloghits,    NULL },
+  { "SQLLogDirs",             set_sqllogdirs,    NULL },
+  { "SQLRatios",              set_sqlratios,     NULL },
+  { "SQLEmptyPasswords",      set_sqlempty,      NULL },
+
+  { "SQLUserTable",           add_globalstr,     NULL },
+  { "SQLUsernameField",       add_globalstr,     NULL },
+  { "SQLUidField",            add_globalstr,     NULL },
+  { "SQLGidField",            add_globalstr,     NULL },
+  { "SQLPasswordField",       add_globalstr,     NULL },
+  { "SQLHomedirField",        add_globalstr,     NULL },
+  { "SQLLoginCountField",     add_globalstr,     NULL },
+  { "SQLHomedir",             add_globalstr,     NULL },
+
+  { "SQLKeyField",            add_globalstr,     NULL },
+  { "SQLKey",                 add_virtualstr,    NULL },
+
+  { "SQLAuthoritative",       add_virtualbool,   NULL },
+  { "SQLEncryptedPasswords",  add_globalbool,    NULL },
+  { "SQLPlaintextPasswords",  add_globalbool,    NULL },
+
+  { NULL, NULL, NULL }
+
+/* *INDENT-ON* */
+};
+
+/* **************************************************************** */
+
+static int
+sqlpw_child_init ()
+{
+  config_rec *c;
+  MODRET mr;
+
+  memset (&g, 0, sizeof (g));
+  g.ok = TRUE;
+
+  g.sql_passwd = get_param_ptr (CURRENT_CONF, "SQLPasswordField", FALSE);
+  g.sql_flogs = get_param_ptr (CURRENT_CONF, "SQLLoginCountField", FALSE);
+  g.sql_uid = get_param_ptr (CURRENT_CONF, "SQLUidField", FALSE);
+  g.sql_gid = get_param_ptr (CURRENT_CONF, "SQLGidField", FALSE);
+
+  if (!(g.homedir = get_param_ptr (CURRENT_CONF, "SQLHomedir", FALSE)))
+    {
+      g.sql_fhdir = get_param_ptr (CURRENT_CONF, "SQLHomedirField", FALSE);
+    }
+  if ((c = find_config (CURRENT_CONF, CONF_PARAM, "SQLLogHosts", FALSE)))
+    {
+      g.sql_fhost = c->argv[0];
+      g.sql_faddr = c->argv[1];
+      g.sql_ftime = c->argv[2];
+    }
+  if ((c = find_config (CURRENT_CONF, CONF_PARAM, "SQLLogStats", FALSE)))
+    {
+      g.sql_fstor = c->argv[0];
+      g.sql_fretr = c->argv[1];
+      g.sql_bstor = c->argv[2];
+      g.sql_bretr = c->argv[3];
+    }
+  if ((c = find_config (CURRENT_CONF, CONF_PARAM, "SQLRatios", FALSE)))
+    {
+      if (!g.sql_fstor)
+	log_pri (LOG_WARNING, "sqlpw: warning: SQLRatios directive "
+		 "ineffective without SQLLogStats on");
+      g.sql_frate = c->argv[0];
+      g.sql_fcred = c->argv[1];
+      g.sql_brate = c->argv[2];
+      g.sql_bcred = c->argv[3];
+    }
+  if ((c = find_config (CURRENT_CONF, CONF_PARAM, "SQLLogHits", FALSE)))
+    {
+      g.sql_hittable = c->argv[0];
+      g.sql_filename = c->argv[1];
+      g.sql_hits = c->argv[2];
+      g.sql_dir = c->argv[3];
+    }
+  g.sql_fcdir = get_param_ptr (CURRENT_CONF, "SQLLogDirs", FALSE);
+
+  g.sql_usertable = get_param_ptr (CURRENT_CONF, "SQLUserTable",
+				   FALSE) ? : "users";
+  g.sql_userid = get_param_ptr (CURRENT_CONF, "SQLUsernameField",
+				FALSE) ? : "userid";
+
+  g.sql_keyfld = get_param_ptr (CURRENT_CONF, "SQLKeyField", FALSE);
+  g.sql_key = get_param_ptr (CURRENT_CONF, "SQLKey", FALSE);
+
+  if (!(g.homedir || g.sql_fhdir) && !g.sql_fhost
+      && !g.sql_fstor && !g.sql_fcdir)
+    return 0;
+
+  mr = modsql_open (NULL);
+  if (MODRET_ISHANDLED (mr))
+    {
+      log_debug (DEBUG3, "%s: configured: %s%s%s%s%s%s%s%s",
+		 MOD_SQL_VERSION,
+		 (g.sql_passwd && (g.homedir || g.sql_fhdir))
+		 ? "auth " : "",
+		 g.homedir ? "homedir " : "",
+		 g.sql_fhdir ? "homedirfield " : "",
+		 g.sql_fhost ? "loghosts " : "",
+		 g.sql_fstor ? "logstats " : "",
+		 g.sql_frate ? "ratios " : "",
+		 g.sql_hittable ? "loghits " : "",
+		 g.sql_fcdir ? "logdirs " : "");
+    }
+  else
+    {
+      memset (&g, 0, sizeof (g));
+      log_debug (DEBUG3, "%s: unconfigured: no backend could connect",
+		 MOD_SQL_VERSION);
+    }
+  return 0;
+}
+
+static int
+sqlpw_parent_init (void)
+{
+  /* FIXME: add db init stuff once parent_init() actually works. */
+  return 0;
+}
+
+module sqlpw_module = {
+  NULL, NULL,			/* Always NULL */
+  0x20,				/* API Version 2.0 */
+  "sql",
+  sqlpw_conftab,		/* SQL configuration handler table */
+  sqlpw_cmdtab,			/* SQL command handler table */
+  sqlpw_authtab,		/* SQL authentication handler table */
+  sqlpw_parent_init,		/* Pre-fork "parent mode" init */
+  sqlpw_child_init		/* Post-fork "child mode" init */
+};
@


1.1
log
@update to 1.2.0rc3

Submitted by:	Anders Nordby <anders@@fix.no>
@
text
@@

