[exim.git] / src / src / lookups / mysql.c

/*************************************************
*     Exim - an Internet mail transport agent    *
*************************************************/

/* Copyright (c) University of Cambridge 1995 - 2018 */
/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */

/* Thanks to Paul Kelly for contributing the original code for these
functions. */


#include "../exim.h"
#include "lf_functions.h"

#include <mysql.h>       /* The system header */

/* We define symbols for *_VERSION_ID (numeric), *_VERSION_STR (char*)
and *_BASE_STR (char*). It's a bit of guesswork. Especially for mariadb
with versions before 10.2, as they do not define there there specific symbols.
*/

/* Newer (>= 10.2) MariaDB */
#if defined                   MARIADB_VERSION_ID
#define EXIM_MxSQL_VERSION_ID MARIADB_VERSION_ID

/* MySQL defines MYSQL_VERSION_ID, and MariaDB does so */
/* https://dev.mysql.com/doc/refman/5.7/en/c-api-server-client-versions.html */
#elif defined                 LIBMYSQL_VERSION_ID
#define EXIM_MxSQL_VERSION_ID LIBMYSQL_VERSION_ID
#elif defined                 MYSQL_VERSION_ID
#define EXIM_MxSQL_VERSION_ID MYSQL_VERSION_ID

#else
#define EXIM_MYSQL_VERSION_ID  0
#endif

/* Newer (>= 10.2) MariaDB */
#ifdef                         MARIADB_CLIENT_VERSION_STR
#define EXIM_MxSQL_VERSION_STR MARIADB_CLIENT_VERSION_STR

/* Mysql uses MYSQL_SERVER_VERSION */
#elif defined                  LIBMYSQL_VERSION
#define EXIM_MxSQL_VERSION_STR LIBMYSQL_VERSION
#elif defined                  MYSQL_SERVER_VERSION
#define EXIM_MxSQL_VERSION_STR MYSQL_SERVER_VERSION

#else
#define EXIM_MxSQL_VERSION_STR  "unknown"
#endif

#if defined                 MARIADB_BASE_VERSION
#define EXIM_MxSQL_BASE_STR MARIADB_BASE_VERSION

#elif defined               MARIADB_PACKAGE_VERSION
#define EXIM_MxSQL_BASE_STR "mariadb"

#elif defined               MYSQL_BASE_VERSION
#define EXIM_MxSQL_BASE_STR MYSQL_BASE_VERSION

#else
#define EXIM_MxSQL_BASE_STR  "n.A."
#endif


/* Structure and anchor for caching connections. */

typedef struct mysql_connection {
  struct mysql_connection *next;
  uschar  *server;
  MYSQL *handle;
} mysql_connection;

static mysql_connection *mysql_connections = NULL;


/*************************************************
*              Open entry point                  *
*************************************************/

/* See local README for interface description. */

static void *
mysql_open(const uschar * filename, uschar ** errmsg)
{
return (void *)(1);    /* Just return something non-null */
}


/*************************************************
*               Tidy entry point                 *
*************************************************/

/* See local README for interface description. */

static void
mysql_tidy(void)
{
mysql_connection *cn;
while ((cn = mysql_connections) != NULL)
  {
  mysql_connections = cn->next;
  DEBUG(D_lookup) debug_printf_indent("close MYSQL connection: %s\n", cn->server);
  mysql_close(cn->handle);
  }
}


/*************************************************
*        Internal search function                *
*************************************************/

/* This function is called from the find entry point to do the search for a
single server.

Arguments:
  query        the query string
  server       the server string
  resultptr    where to store the result
  errmsg       where to point an error message
  defer_break  TRUE if no more servers are to be tried after DEFER
  do_cache     set zero if data is changed
  opts	       options

The server string is of the form "host/dbname/user/password". The host can be
host:port. This string is in a nextinlist temporary buffer, so can be
overwritten.

Returns:       OK, FAIL, or DEFER
*/

static int
perform_mysql_search(const uschar *query, uschar *server, uschar **resultptr,
  uschar **errmsg, BOOL *defer_break, uint *do_cache, const uschar * opts)
{
MYSQL *mysql_handle = NULL;        /* Keep compilers happy */
MYSQL_RES *mysql_result = NULL;
MYSQL_ROW mysql_row_data;
MYSQL_FIELD *fields;

int i;
int yield = DEFER;
unsigned int num_fields;
gstring * result = NULL;
mysql_connection *cn;
uschar *server_copy = NULL;
uschar *sdata[4];

/* Disaggregate the parameters from the server argument. The order is host,
database, user, password. We can write to the string, since it is in a
nextinlist temporary buffer. The copy of the string that is used for caching
has the password removed. This copy is also used for debugging output. */

for (int i = 3; i > 0; i--)
  {
  uschar *pp = Ustrrchr(server, '/');
  if (!pp)
    {
    *errmsg = string_sprintf("incomplete MySQL server data: %s",
      (i == 3)? server : server_copy);
    *defer_break = TRUE;
    return DEFER;
    }
  *pp++ = 0;
  sdata[i] = pp;
  if (i == 3) server_copy = string_copy(server);  /* sans password */
  }
sdata[0] = server;   /* What's left at the start */

/* See if we have a cached connection to the server */

for (cn = mysql_connections; cn; cn = cn->next)
  if (Ustrcmp(cn->server, server_copy) == 0)
    { mysql_handle = cn->handle; break; }

/* If no cached connection, we must set one up. Mysql allows for a host name
and port to be specified. It also allows the name of a Unix socket to be used.
Unfortunately, this contains slashes, but its use is expected to be rare, so
the rather cumbersome syntax shouldn't inconvenience too many people. We use
this:  host:port(socket)[group]  where all the parts are optional.
The "group" parameter specifies an option group from a MySQL option file. */

if (!cn)
  {
  uschar *p;
  uschar *socket = NULL;
  int port = 0;
  uschar *group = US"exim";

  if ((p = Ustrchr(sdata[0], '[')))
    {
    *p++ = 0;
    group = p;
    while (*p && *p != ']') p++;
    *p = 0;
    }

  if ((p = Ustrchr(sdata[0], '(')))
    {
    *p++ = 0;
    socket = p;
    while (*p && *p != ')') p++;
    *p = 0;
    }

  if ((p = Ustrchr(sdata[0], ':')))
    {
    *p++ = 0;
    port = Uatoi(p);
    }

  if (Ustrchr(sdata[0], '/'))
    {
    *errmsg = string_sprintf("unexpected slash in MySQL server hostname: %s",
      sdata[0]);
    *defer_break = TRUE;
    return DEFER;
    }

  /* If the database is the empty string, set it NULL - the query must then
  define it. */

  if (sdata[1][0] == 0) sdata[1] = NULL;

  DEBUG(D_lookup)
    debug_printf_indent("MYSQL new connection: host=%s port=%d socket=%s "
      "database=%s user=%s\n", sdata[0], port, socket, sdata[1], sdata[2]);

  /* Get store for a new handle, initialize it, and connect to the server */

  mysql_handle = store_get(sizeof(MYSQL), FALSE);
  mysql_init(mysql_handle);
  mysql_options(mysql_handle, MYSQL_READ_DEFAULT_GROUP, CS group);
  if (mysql_real_connect(mysql_handle,
      /*  host        user         passwd     database */
      CS sdata[0], CS sdata[2], CS sdata[3], CS sdata[1],
      port, CS socket, CLIENT_MULTI_RESULTS) == NULL)
    {
    *errmsg = string_sprintf("MYSQL connection failed: %s",
      mysql_error(mysql_handle));
    *defer_break = FALSE;
    goto MYSQL_EXIT;
    }

  /* Add the connection to the cache */

  cn = store_get(sizeof(mysql_connection), FALSE);
  cn->server = server_copy;
  cn->handle = mysql_handle;
  cn->next = mysql_connections;
  mysql_connections = cn;
  }

/* Else use a previously cached connection */

else
  {
  DEBUG(D_lookup)
    debug_printf_indent("MYSQL using cached connection for %s\n", server_copy);
  }

/* Run the query */

if (mysql_query(mysql_handle, CS query) != 0)
  {
  *errmsg = string_sprintf("MYSQL: query failed: %s\n",
    mysql_error(mysql_handle));
  *defer_break = FALSE;
  goto MYSQL_EXIT;
  }

/* Pick up the result. If the query was not of the type that returns data,
namely INSERT, UPDATE, or DELETE, an error occurs here. However, this situation
can be detected by calling mysql_field_count(). If its result is zero, no data
was expected (this is all explained clearly in the MySQL manual). In this case,
we return the number of rows affected by the command. In this event, we do NOT
want to cache the result; also the whole cache for the handle must be cleaned
up. Setting do_cache zero requests this. */

if (!(mysql_result = mysql_use_result(mysql_handle)))
  {
  if (mysql_field_count(mysql_handle) == 0)
    {
    DEBUG(D_lookup) debug_printf_indent("MYSQL: query was not one that returns data\n");
    result = string_cat(result,
	       string_sprintf("%d", mysql_affected_rows(mysql_handle)));
    *do_cache = 0;
    goto MYSQL_EXIT;
    }
  *errmsg = string_sprintf("MYSQL: lookup result failed: %s\n",
    mysql_error(mysql_handle));
  *defer_break = FALSE;
  goto MYSQL_EXIT;
  }

/* Find the number of fields returned. If this is one, we don't add field
names to the data. Otherwise we do. */

num_fields = mysql_num_fields(mysql_result);

/* Get the fields and construct the result string. If there is more than one
row, we insert '\n' between them. */

fields = mysql_fetch_fields(mysql_result);

while ((mysql_row_data = mysql_fetch_row(mysql_result)))
  {
  unsigned long *lengths = mysql_fetch_lengths(mysql_result);

  if (result)
    result = string_catn(result, US"\n", 1);

  if (num_fields != 1)
    for (int i = 0; i < num_fields; i++)
      result = lf_quote(US fields[i].name, US mysql_row_data[i], lengths[i],
			result);

  else if (mysql_row_data[0] != NULL)    /* NULL value yields nothing */
      result = string_catn(result, US mysql_row_data[0], lengths[0]);
  }

/* more results? -1 = no, >0 = error, 0 = yes (keep looping)
   This is needed because of the CLIENT_MULTI_RESULTS on mysql_real_connect(),
   we don't expect any more results. */

while((i = mysql_next_result(mysql_handle)) >= 0)
  if(i != 0)
    {
    *errmsg = string_sprintf(
	  "MYSQL: lookup result error when checking for more results: %s\n",
	  mysql_error(mysql_handle));
    goto MYSQL_EXIT;
    }
  else	/* just ignore more results */
    DEBUG(D_lookup) debug_printf_indent("MYSQL: got unexpected more results\n");

/* If result is NULL then no data has been found and so we return FAIL.
Otherwise, we must terminate the string which has been built; string_cat()
always leaves enough room for a terminating zero. */

if (!result)
  {
  yield = FAIL;
  *errmsg = US"MYSQL: no data found";
  }

/* Get here by goto from various error checks and from the case where no data
was read (e.g. an update query). */

MYSQL_EXIT:

/* Free mysal store for any result that was got; don't close the connection, as
it is cached. */

if (mysql_result) mysql_free_result(mysql_result);

/* Non-NULL result indicates a successful result */

if (result)
  {
  *resultptr = string_from_gstring(result);
  gstring_release_unused(result);
  return OK;
  }
else
  {
  DEBUG(D_lookup) debug_printf_indent("%s\n", *errmsg);
  return yield;      /* FAIL or DEFER */
  }
}


/*************************************************
*               Find entry point                 *
*************************************************/

/* See local README for interface description. The handle and filename
arguments are not used. The code to loop through a list of servers while the
query is deferred with a retryable error is now in a separate function that is
shared with other SQL lookups. */

static int
mysql_find(void * handle, const uschar * filename, const uschar * query,
  int length, uschar ** result, uschar ** errmsg, uint * do_cache,
  const uschar * opts)
{
return lf_sqlperform(US"MySQL", US"mysql_servers", mysql_servers, query,
  result, errmsg, do_cache, opts, perform_mysql_search);
}


/*************************************************
*               Quote entry point                *
*************************************************/

/* The only characters that need to be quoted (with backslash) are newline,
tab, carriage return, backspace, backslash itself, and the quote characters.
Percent, and underscore and not escaped. They are only special in contexts
where they can be wild cards, and this isn't usually the case for data inserted
from messages, since that isn't likely to be treated as a pattern of any kind.
Sadly, MySQL doesn't seem to behave like other programs. If you use something
like "where id="ab\%cd" it does not treat the string as "ab%cd". So you really
can't quote "on spec".

Arguments:
  s          the string to be quoted
  opt        additional option text or NULL if none

Returns:     the processed string or NULL for a bad option
*/

static uschar *
mysql_quote(uschar *s, uschar *opt)
{
register int c;
int count = 0;
uschar *t = s;
uschar *quoted;

if (opt != NULL) return NULL;     /* No options recognized */

while ((c = *t++) != 0)
  if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++;

if (count == 0) return s;
t = quoted = store_get(Ustrlen(s) + count + 1, is_tainted(s));

while ((c = *s++) != 0)
  {
  if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL)
    {
    *t++ = '\\';
    switch(c)
      {
      case '\n': *t++ = 'n';
      break;
      case '\t': *t++ = 't';
      break;
      case '\r': *t++ = 'r';
      break;
      case '\b': *t++ = 'b';
      break;
      default:   *t++ = c;
      break;
      }
    }
  else *t++ = c;
  }

*t = 0;
return quoted;
}


/*************************************************
*         Version reporting entry point          *
*************************************************/

/* See local README for interface description. */

#include "../version.h"

void
mysql_version_report(FILE *f)
{
fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n"
           "                        Runtime: %lu %s\n",
        (long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR,
        mysql_get_client_version(), mysql_get_client_info());
#ifdef DYNLOOKUP
fprintf(f, "                        Exim version %s\n", EXIM_VERSION_STR);
#endif
}

/* These are the lookup_info blocks for this driver */

static lookup_info mysql_lookup_info = {
  .name = US"mysql",			/* lookup name */
  .type = lookup_querystyle,		/* query-style lookup */
  .open = mysql_open,			/* open function */
  .check = NULL,			/* no check function */
  .find = mysql_find,			/* find function */
  .close = NULL,			/* no close function */
  .tidy = mysql_tidy,			/* tidy function */
  .quote = mysql_quote,			/* quoting function */
  .version_report = mysql_version_report           /* version reporting */
};

#ifdef DYNLOOKUP
#define mysql_lookup_module_info _lookup_module_info
#endif

static lookup_info *_lookup_list[] = { &mysql_lookup_info };
lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 };

/* End of lookups/mysql.c */
Commit	Line	Data
0756eb3c PH	1	/*************************************************
	2	* Exim - an Internet mail transport agent *
	3	*************************************************/
	4
f9ba5e22	5	/* Copyright (c) University of Cambridge 1995 - 2018 */
1e1ddfac	6	/* Copyright (c) The Exim Maintainers 2020 */
0756eb3c PH	7	/* See the file NOTICE for conditions of use and distribution. */
	8
	9	/* Thanks to Paul Kelly for contributing the original code for these
	10	functions. */
	11
	12
	13	#include "../exim.h"
	14	#include "lf_functions.h"
0756eb3c PH	15
0756eb3c PH	16	#include <mysql.h> /* The system header */
31beb797 HSHR	17
	18	/* We define symbols for _VERSION_ID (numeric), _VERSION_STR (char*)
	19	and _BASE_STR (char). It's a bit of guesswork. Especially for mariadb
	20	with versions before 10.2, as they do not define there there specific symbols.
	21	*/
	22
8b6c5715	23	/* Newer (>= 10.2) MariaDB */
31beb797 HSHR	24	#if defined MARIADB_VERSION_ID
	25	#define EXIM_MxSQL_VERSION_ID MARIADB_VERSION_ID
	26
8b6c5715 JH	27	/* MySQL defines MYSQL_VERSION_ID, and MariaDB does so */
8b6c5715 JH	28	/* https://dev.mysql.com/doc/refman/5.7/en/c-api-server-client-versions.html */
31beb797 HSHR	29	#elif defined LIBMYSQL_VERSION_ID
	30	#define EXIM_MxSQL_VERSION_ID LIBMYSQL_VERSION_ID
	31	#elif defined MYSQL_VERSION_ID
	32	#define EXIM_MxSQL_VERSION_ID MYSQL_VERSION_ID
	33
	34	#else
	35	#define EXIM_MYSQL_VERSION_ID 0
	36	#endif
	37
8b6c5715	38	/* Newer (>= 10.2) MariaDB */
31beb797 HSHR	39	#ifdef MARIADB_CLIENT_VERSION_STR
	40	#define EXIM_MxSQL_VERSION_STR MARIADB_CLIENT_VERSION_STR
	41
8b6c5715	42	/* Mysql uses MYSQL_SERVER_VERSION */
31beb797 HSHR	43	#elif defined LIBMYSQL_VERSION
	44	#define EXIM_MxSQL_VERSION_STR LIBMYSQL_VERSION
	45	#elif defined MYSQL_SERVER_VERSION
	46	#define EXIM_MxSQL_VERSION_STR MYSQL_SERVER_VERSION
	47
	48	#else
eb002283	49	#define EXIM_MxSQL_VERSION_STR "unknown"
31beb797 HSHR	50	#endif
	51
	52	#if defined MARIADB_BASE_VERSION
	53	#define EXIM_MxSQL_BASE_STR MARIADB_BASE_VERSION
	54
	55	#elif defined MARIADB_PACKAGE_VERSION
	56	#define EXIM_MxSQL_BASE_STR "mariadb"
	57
	58	#elif defined MYSQL_BASE_VERSION
	59	#define EXIM_MxSQL_BASE_STR MYSQL_BASE_VERSION
	60
	61	#else
	62	#define EXIM_MxSQL_BASE_STR "n.A."
	63	#endif
0756eb3c PH	64
	65
	66	/* Structure and anchor for caching connections. */
	67
	68	typedef struct mysql_connection {
	69	struct mysql_connection *next;
	70	uschar *server;
	71	MYSQL *handle;
	72	} mysql_connection;
	73
	74	static mysql_connection *mysql_connections = NULL;
	75
	76
	77
	78	/*************************************************
	79	* Open entry point *
	80	*************************************************/
	81
	82	/* See local README for interface description. */
	83
e6d225ae	84	static void *
d447dbd1	85	mysql_open(const uschar * filename, uschar ** errmsg)
0756eb3c PH	86	{
	87	return (void )(1); / Just return something non-null */
	88	}
	89
	90
	91
	92	/*************************************************
	93	* Tidy entry point *
	94	*************************************************/
	95
	96	/* See local README for interface description. */
	97
e6d225ae	98	static void
0756eb3c PH	99	mysql_tidy(void)
	100	{
	101	mysql_connection *cn;
	102	while ((cn = mysql_connections) != NULL)
	103	{
	104	mysql_connections = cn->next;
42c7f0b4	105	DEBUG(D_lookup) debug_printf_indent("close MYSQL connection: %s\n", cn->server);
0756eb3c PH	106	mysql_close(cn->handle);
	107	}
	108	}
	109
	110
	111
	112	/*************************************************
	113	* Internal search function *
	114	*************************************************/
	115
	116	/* This function is called from the find entry point to do the search for a
	117	single server.
	118
	119	Arguments:
	120	query the query string
	121	server the server string
	122	resultptr where to store the result
	123	errmsg where to point an error message
	124	defer_break TRUE if no more servers are to be tried after DEFER
14b3c5bc	125	do_cache set zero if data is changed
0b4dfe7a	126	opts options
0756eb3c PH	127
	128	The server string is of the form "host/dbname/user/password". The host can be
	129	host:port. This string is in a nextinlist temporary buffer, so can be
	130	overwritten.
	131
	132	Returns: OK, FAIL, or DEFER
	133	*/
	134
	135	static int
55414b25	136	perform_mysql_search(const uschar query, uschar server, uschar **resultptr,
0b4dfe7a	137	uschar *errmsg, BOOL defer_break, uint do_cache, const uschar opts)
0756eb3c PH	138	{
	139	MYSQL mysql_handle = NULL; / Keep compilers happy */
	140	MYSQL_RES *mysql_result = NULL;
	141	MYSQL_ROW mysql_row_data;
	142	MYSQL_FIELD *fields;
	143
	144	int i;
0756eb3c PH	145	int yield = DEFER;
0756eb3c PH	146	unsigned int num_fields;
acec9514	147	gstring * result = NULL;
0756eb3c PH	148	mysql_connection *cn;
	149	uschar *server_copy = NULL;
	150	uschar *sdata[4];
	151
	152	/* Disaggregate the parameters from the server argument. The order is host,
	153	database, user, password. We can write to the string, since it is in a
	154	nextinlist temporary buffer. The copy of the string that is used for caching
	155	has the password removed. This copy is also used for debugging output. */
	156
d7978c0f	157	for (int i = 3; i > 0; i--)
0756eb3c PH	158	{
0756eb3c PH	159	uschar *pp = Ustrrchr(server, '/');
0b4dfe7a	160	if (!pp)
0756eb3c PH	161	{
	162	*errmsg = string_sprintf("incomplete MySQL server data: %s",
	163	(i == 3)? server : server_copy);
	164	*defer_break = TRUE;
	165	return DEFER;
	166	}
	167	*pp++ = 0;
	168	sdata[i] = pp;
	169	if (i == 3) server_copy = string_copy(server); /* sans password */
	170	}
	171	sdata[0] = server; /* What's left at the start */
	172
	173	/* See if we have a cached connection to the server */
	174
a159f203	175	for (cn = mysql_connections; cn; cn = cn->next)
0756eb3c	176	if (Ustrcmp(cn->server, server_copy) == 0)
0b4dfe7a	177	{ mysql_handle = cn->handle; break; }
0756eb3c PH	178
	179	/* If no cached connection, we must set one up. Mysql allows for a host name
	180	and port to be specified. It also allows the name of a Unix socket to be used.
	181	Unfortunately, this contains slashes, but its use is expected to be rare, so
	182	the rather cumbersome syntax shouldn't inconvenience too many people. We use
a159f203 JH	183	this: host:port(socket)[group] where all the parts are optional.
a159f203 JH	184	The "group" parameter specifies an option group from a MySQL option file. */
0756eb3c	185
a159f203	186	if (!cn)
0756eb3c PH	187	{
	188	uschar *p;
	189	uschar *socket = NULL;
	190	int port = 0;
a159f203 JH	191	uschar *group = US"exim";
	192
	193	if ((p = Ustrchr(sdata[0], '[')))
	194	{
	195	*p++ = 0;
	196	group = p;
	197	while (p && p != ']') p++;
	198	*p = 0;
	199	}
0756eb3c	200
a159f203	201	if ((p = Ustrchr(sdata[0], '(')))
0756eb3c PH	202	{
	203	*p++ = 0;
	204	socket = p;
a159f203	205	while (p && p != ')') p++;
0756eb3c PH	206	*p = 0;
	207	}
	208
a159f203	209	if ((p = Ustrchr(sdata[0], ':')))
0756eb3c PH	210	{
	211	*p++ = 0;
	212	port = Uatoi(p);
	213	}
	214
a159f203	215	if (Ustrchr(sdata[0], '/'))
0756eb3c PH	216	{
	217	*errmsg = string_sprintf("unexpected slash in MySQL server hostname: %s",
	218	sdata[0]);
	219	*defer_break = TRUE;
	220	return DEFER;
	221	}
	222
	223	/* If the database is the empty string, set it NULL - the query must then
	224	define it. */
	225
	226	if (sdata[1][0] == 0) sdata[1] = NULL;
	227
	228	DEBUG(D_lookup)
42c7f0b4	229	debug_printf_indent("MYSQL new connection: host=%s port=%d socket=%s "
0756eb3c PH	230	"database=%s user=%s\n", sdata[0], port, socket, sdata[1], sdata[2]);
	231
	232	/* Get store for a new handle, initialize it, and connect to the server */
	233
f3ebb786	234	mysql_handle = store_get(sizeof(MYSQL), FALSE);
0756eb3c	235	mysql_init(mysql_handle);
a159f203	236	mysql_options(mysql_handle, MYSQL_READ_DEFAULT_GROUP, CS group);
0756eb3c PH	237	if (mysql_real_connect(mysql_handle,
	238	/* host user passwd database */
	239	CS sdata[0], CS sdata[2], CS sdata[3], CS sdata[1],
f6efe9ce	240	port, CS socket, CLIENT_MULTI_RESULTS) == NULL)
0756eb3c PH	241	{
	242	*errmsg = string_sprintf("MYSQL connection failed: %s",
	243	mysql_error(mysql_handle));
	244	*defer_break = FALSE;
	245	goto MYSQL_EXIT;
	246	}
	247
	248	/* Add the connection to the cache */
	249
f3ebb786	250	cn = store_get(sizeof(mysql_connection), FALSE);
0756eb3c PH	251	cn->server = server_copy;
	252	cn->handle = mysql_handle;
	253	cn->next = mysql_connections;
	254	mysql_connections = cn;
	255	}
	256
	257	/* Else use a previously cached connection */
	258
	259	else
	260	{
	261	DEBUG(D_lookup)
42c7f0b4	262	debug_printf_indent("MYSQL using cached connection for %s\n", server_copy);
0756eb3c PH	263	}
	264
	265	/* Run the query */
	266
	267	if (mysql_query(mysql_handle, CS query) != 0)
	268	{
	269	*errmsg = string_sprintf("MYSQL: query failed: %s\n",
	270	mysql_error(mysql_handle));
	271	*defer_break = FALSE;
	272	goto MYSQL_EXIT;
	273	}
	274
	275	/* Pick up the result. If the query was not of the type that returns data,
	276	namely INSERT, UPDATE, or DELETE, an error occurs here. However, this situation
	277	can be detected by calling mysql_field_count(). If its result is zero, no data
	278	was expected (this is all explained clearly in the MySQL manual). In this case,
	279	we return the number of rows affected by the command. In this event, we do NOT
	280	want to cache the result; also the whole cache for the handle must be cleaned
14b3c5bc	281	up. Setting do_cache zero requests this. */
0756eb3c	282
ba0e37b1	283	if (!(mysql_result = mysql_use_result(mysql_handle)))
0756eb3c	284	{
0b4dfe7a	285	if (mysql_field_count(mysql_handle) == 0)
0756eb3c	286	{
42c7f0b4	287	DEBUG(D_lookup) debug_printf_indent("MYSQL: query was not one that returns data\n");
acec9514 JH	288	result = string_cat(result,
acec9514 JH	289	string_sprintf("%d", mysql_affected_rows(mysql_handle)));
14b3c5bc	290	*do_cache = 0;
0756eb3c PH	291	goto MYSQL_EXIT;
	292	}
	293	*errmsg = string_sprintf("MYSQL: lookup result failed: %s\n",
	294	mysql_error(mysql_handle));
	295	*defer_break = FALSE;
	296	goto MYSQL_EXIT;
	297	}
	298
	299	/* Find the number of fields returned. If this is one, we don't add field
	300	names to the data. Otherwise we do. */
	301
	302	num_fields = mysql_num_fields(mysql_result);
	303
	304	/* Get the fields and construct the result string. If there is more than one
	305	row, we insert '\n' between them. */
	306
	307	fields = mysql_fetch_fields(mysql_result);
	308
acec9514	309	while ((mysql_row_data = mysql_fetch_row(mysql_result)))
0756eb3c PH	310	{
	311	unsigned long *lengths = mysql_fetch_lengths(mysql_result);
	312
acec9514 JH	313	if (result)
acec9514 JH	314	result = string_catn(result, US"\n", 1);
0756eb3c	315
ba0e37b1	316	if (num_fields != 1)
d7978c0f	317	for (int i = 0; i < num_fields; i++)
ba0e37b1 JH	318	result = lf_quote(US fields[i].name, US mysql_row_data[i], lengths[i],
ba0e37b1 JH	319	result);
0756eb3c	320
ba0e37b1 JH	321	else if (mysql_row_data[0] != NULL) /* NULL value yields nothing */
ba0e37b1 JH	322	result = string_catn(result, US mysql_row_data[0], lengths[0]);
0756eb3c PH	323	}
0756eb3c PH	324
f6efe9ce NM	325	/* more results? -1 = no, >0 = error, 0 = yes (keep looping)
	326	This is needed because of the CLIENT_MULTI_RESULTS on mysql_real_connect(),
	327	we don't expect any more results. */
	328
ba0e37b1	329	while((i = mysql_next_result(mysql_handle)) >= 0)
0b4dfe7a	330	if(i != 0)
ba0e37b1	331	{
0b4dfe7a JH	332	*errmsg = string_sprintf(
	333	"MYSQL: lookup result error when checking for more results: %s\n",
	334	mysql_error(mysql_handle));
	335	goto MYSQL_EXIT;
ba0e37b1	336	}
0b4dfe7a JH	337	else /* just ignore more results */
0b4dfe7a JH	338	DEBUG(D_lookup) debug_printf_indent("MYSQL: got unexpected more results\n");
f6efe9ce	339
0756eb3c PH	340	/* If result is NULL then no data has been found and so we return FAIL.
	341	Otherwise, we must terminate the string which has been built; string_cat()
	342	always leaves enough room for a terminating zero. */
	343
acec9514	344	if (!result)
0756eb3c PH	345	{
	346	yield = FAIL;
	347	*errmsg = US"MYSQL: no data found";
	348	}
0756eb3c PH	349
	350	/* Get here by goto from various error checks and from the case where no data
	351	was read (e.g. an update query). */
	352
	353	MYSQL_EXIT:
	354
	355	/* Free mysal store for any result that was got; don't close the connection, as
	356	it is cached. */
	357
acec9514	358	if (mysql_result) mysql_free_result(mysql_result);
0756eb3c	359
4c04137d	360	/* Non-NULL result indicates a successful result */
0756eb3c	361
acec9514	362	if (result)
0756eb3c	363	{
ba0e37b1	364	*resultptr = string_from_gstring(result);
f3ebb786	365	gstring_release_unused(result);
0756eb3c PH	366	return OK;
	367	}
	368	else
	369	{
42c7f0b4	370	DEBUG(D_lookup) debug_printf_indent("%s\n", *errmsg);
0756eb3c PH	371	return yield; /* FAIL or DEFER */
	372	}
	373	}
	374
	375
	376
	377
	378	/*************************************************
	379	* Find entry point *
	380	*************************************************/
	381
	382	/* See local README for interface description. The handle and filename
b7670459 PH	383	arguments are not used. The code to loop through a list of servers while the
	384	query is deferred with a retryable error is now in a separate function that is
	385	shared with other SQL lookups. */
0756eb3c	386
e6d225ae	387	static int
d447dbd1	388	mysql_find(void * handle, const uschar * filename, const uschar * query,
67a57a5a JH	389	int length, uschar result, uschar errmsg, uint * do_cache,
67a57a5a JH	390	const uschar * opts)
0756eb3c	391	{
b7670459	392	return lf_sqlperform(US"MySQL", US"mysql_servers", mysql_servers, query,
0b4dfe7a	393	result, errmsg, do_cache, opts, perform_mysql_search);
0756eb3c PH	394	}
	395
	396
	397
	398	/*************************************************
	399	* Quote entry point *
	400	*************************************************/
	401
	402	/* The only characters that need to be quoted (with backslash) are newline,
	403	tab, carriage return, backspace, backslash itself, and the quote characters.
	404	Percent, and underscore and not escaped. They are only special in contexts
	405	where they can be wild cards, and this isn't usually the case for data inserted
	406	from messages, since that isn't likely to be treated as a pattern of any kind.
	407	Sadly, MySQL doesn't seem to behave like other programs. If you use something
	408	like "where id="ab\%cd" it does not treat the string as "ab%cd". So you really
	409	can't quote "on spec".
	410
	411	Arguments:
	412	s the string to be quoted
	413	opt additional option text or NULL if none
	414
	415	Returns: the processed string or NULL for a bad option
	416	*/
	417
e6d225ae	418	static uschar *
0756eb3c PH	419	mysql_quote(uschar s, uschar opt)
	420	{
	421	register int c;
	422	int count = 0;
	423	uschar *t = s;
	424	uschar *quoted;
	425
	426	if (opt != NULL) return NULL; /* No options recognized */
	427
	428	while ((c = *t++) != 0)
	429	if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL) count++;
	430
	431	if (count == 0) return s;
f3ebb786	432	t = quoted = store_get(Ustrlen(s) + count + 1, is_tainted(s));
0756eb3c PH	433
	434	while ((c = *s++) != 0)
	435	{
	436	if (Ustrchr("\n\t\r\b\'\"\\", c) != NULL)
	437	{
	438	*t++ = '\\';
	439	switch(c)
	440	{
	441	case '\n': *t++ = 'n';
	442	break;
	443	case '\t': *t++ = 't';
	444	break;
	445	case '\r': *t++ = 'r';
	446	break;
	447	case '\b': *t++ = 'b';
	448	break;
	449	default: *t++ = c;
	450	break;
	451	}
	452	}
	453	else *t++ = c;
	454	}
	455
	456	*t = 0;
	457	return quoted;
	458	}
	459
6545de78 PP	460
	461	/*************************************************
	462	* Version reporting entry point *
	463	*************************************************/
	464
	465	/* See local README for interface description. */
	466
	467	#include "../version.h"
	468
	469	void
	470	mysql_version_report(FILE *f)
	471	{
31beb797 HSHR	472	fprintf(f, "Library version: MySQL: Compile: %lu %s [%s]\n"
	473	" Runtime: %lu %s\n",
	474	(long)EXIM_MxSQL_VERSION_ID, EXIM_MxSQL_VERSION_STR, EXIM_MxSQL_BASE_STR,
	475	mysql_get_client_version(), mysql_get_client_info());
6545de78 PP	476	#ifdef DYNLOOKUP
	477	fprintf(f, " Exim version %s\n", EXIM_VERSION_STR);
	478	#endif
	479	}
	480
e6d225ae DW	481	/* These are the lookup_info blocks for this driver */
	482
	483	static lookup_info mysql_lookup_info = {
9f400174 JH	484	.name = US"mysql", /* lookup name */
	485	.type = lookup_querystyle, /* query-style lookup */
	486	.open = mysql_open, /* open function */
	487	.check = NULL, /* no check function */
	488	.find = mysql_find, /* find function */
	489	.close = NULL, /* no close function */
	490	.tidy = mysql_tidy, /* tidy function */
	491	.quote = mysql_quote, /* quoting function */
	492	.version_report = mysql_version_report /* version reporting */
e6d225ae DW	493	};
	494
	495	#ifdef DYNLOOKUP
	496	#define mysql_lookup_module_info _lookup_module_info
	497	#endif
	498
	499	static lookup_info *_lookup_list[] = { &mysql_lookup_info };
	500	lookup_module_info mysql_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 1 };
0756eb3c PH	501
0756eb3c PH	502	/* End of lookups/mysql.c */