diff options
Diffstat (limited to 'net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch')
-rw-r--r-- | net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch | 59 |
1 files changed, 37 insertions, 22 deletions
diff --git a/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch b/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch index ae2b0211cf56..f2060a75eebf 100644 --- a/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch +++ b/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch @@ -1,7 +1,29 @@ -diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/src/modules/rlm_sql/rlm_sql.c ---- freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c 2004-09-30 17:54:22.000000000 +0300 -+++ freeradius-1.0.2/src/modules/rlm_sql/rlm_sql.c 2005-05-07 18:54:43.314085504 +0300 -@@ -158,6 +158,7 @@ +=================================================================== +RCS file: /web/pages/us.freeradius.org/cvs/radiusd/src/modules/rlm_sql/rlm_sql.c,v +retrieving revision 1.131.2.1 +retrieving revision 1.131.2.3 +diff -u -p -r1.131.2.1 -r1.131.2.3 +--- radiusd/src/modules/rlm_sql/rlm_sql.c 2004/09/30 14:54:22 1.131.2.1 ++++ radiusd/src/modules/rlm_sql/rlm_sql.c 2005/05/18 13:22:18 1.131.2.3 +@@ -2,7 +2,7 @@ + * rlm_sql.c SQL Module + * Main SQL module file. Most ICRADIUS code is located in sql.c + * +- * Version: $Id: freeradius-1.0.2-sql-escape.patch,v 1.2 2005/05/19 04:54:19 mrness Exp $ ++ * Version: $Id: freeradius-1.0.2-sql-escape.patch,v 1.2 2005/05/19 04:54:19 mrness Exp $ + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -24,7 +24,7 @@ + */ + + static const char rcsid[] = +- "$Id: freeradius-1.0.2-sql-escape.patch,v 1.2 2005/05/19 04:54:19 mrness Exp $"; ++ "$Id: freeradius-1.0.2-sql-escape.patch,v 1.2 2005/05/19 04:54:19 mrness Exp $"; + + #include "autoconf.h" + +@@ -158,6 +158,7 @@ static int rlm_sql_init(void) { */ static int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username); static int generate_sql_clients(SQL_INST *inst); @@ -9,7 +31,7 @@ diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/s /* * sql xlat function. Right now only SELECTs are supported. Only -@@ -184,7 +185,7 @@ +@@ -184,7 +185,7 @@ static int sql_xlat(void *instance, REQU /* * Do an xlat on the provided string (nice recursive operation). */ @@ -18,7 +40,7 @@ diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/s radlog(L_ERR, "rlm_sql (%s): xlat failed.", inst->config->xlat_name); return 0; -@@ -409,18 +410,18 @@ +@@ -409,18 +410,18 @@ static int sql_escape_func(char *out, in while (in[0]) { /* @@ -35,7 +57,7 @@ diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/s if ((in[0] < 32) || strchr(allowed_chars, *in) == NULL) { + /* -+ * Less than 3 bytes left. ++ * Only 3 or less bytes available. + */ + if (outlen <= 3) { + break; @@ -44,30 +66,23 @@ diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/s snprintf(out, outlen, "=%02X", (unsigned char) in[0]); in++; out += 3; -@@ -430,6 +431,13 @@ +@@ -430,7 +431,14 @@ static int sql_escape_func(char *out, in } /* -+ * Only one byte left. +- * Else it's a nice character. ++ * Only one byte left. + */ + if (outlen <= 1) { + break; + } + + /* - * Else it's a nice character. ++ * Allowed character. */ *out = *in; -@@ -459,7 +467,7 @@ - if (username != NULL) { - strNcpy(tmpuser, username, MAX_STRING_LEN); - } else if (strlen(inst->config->query_user)) { -- radius_xlat(tmpuser, sizeof(tmpuser), inst->config->query_user, request, NULL); -+ radius_xlat(tmpuser, sizeof(tmpuser), inst->config->query_user, request, sql_escape_func); - } else { - return 0; - } -@@ -517,7 +525,7 @@ + out++; +@@ -517,7 +525,7 @@ static int sql_groupcmp(void *instance, */ if (sql_set_user(inst, req, sqlusername, 0) < 0) return 1; @@ -76,7 +91,7 @@ diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/s radlog(L_ERR, "rlm_sql (%s): xlat failed.", inst->config->xlat_name); /* Remove the username we (maybe) added above */ -@@ -1149,7 +1157,7 @@ +@@ -1149,7 +1157,7 @@ static int rlm_sql_checksimul(void *inst if(sql_set_user(inst, request, sqlusername, 0) <0) return RLM_MODULE_FAIL; @@ -85,7 +100,7 @@ diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/s /* initialize the sql socket */ sqlsocket = sql_get_socket(inst); -@@ -1193,7 +1201,7 @@ +@@ -1193,7 +1201,7 @@ static int rlm_sql_checksimul(void *inst return RLM_MODULE_OK; } |