From beech@alaskaparadise.com  Tue Jan  2 03:28:17 2007
Return-Path: <beech@alaskaparadise.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3DB3A16A407
	for <FreeBSD-gnats-submit@freebsd.org>; Tue,  2 Jan 2007 03:28:17 +0000 (UTC)
	(envelope-from beech@alaskaparadise.com)
Received: from stargate.alaskaparadise.com (114-103-74-65.gci.net [65.74.103.114])
	by mx1.freebsd.org (Postfix) with ESMTP id 2AC4D13C45D
	for <FreeBSD-gnats-submit@freebsd.org>; Tue,  2 Jan 2007 03:26:24 +0000 (UTC)
	(envelope-from beech@alaskaparadise.com)
Received: from stargate.alaskaparadise.com (stargate.alaskaparadise.com [65.74.103.114])
	by stargate.alaskaparadise.com (Postfix) with ESMTP id 603817F71;
	Mon,  1 Jan 2007 18:26:23 -0900 (AKST)
Message-Id: <1167708383.37866@stargate.alaskaparadise.com>
Date: Mon, 1 Jan 2007 18:26:23 -0900
From: "Beech Rintoul" <beech@alaskaparadise.com>
To: "FreeBSD gnats submit" <FreeBSD-gnats-submit@freebsd.org>
Cc: beech@alaskaparadise.com
Subject: [Maintainer Update] ftp/proftpd: Added combined patch-contrib-mod_sql.c
X-Send-Pr-Version: gtk-send-pr 0.4.8 
X-GNATS-Notify:

>Number:         107416
>Category:       ports
>Synopsis:       [Maintainer Update] ftp/proftpd: Added combined patch-contrib-mod_sql.c
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    clsung
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 02 03:30:14 GMT 2007
>Closed-Date:    Sun Jan 07 10:46:03 GMT 2007
>Last-Modified:  Sun Jan  7 10:50:11 GMT 2007
>Originator:     Beech Rintoul
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
Alaska Paradise  
>Environment:


System: FreeBSD 7.0-CURRENT #96: Sat Dec 30 02:46:49 AKST 2006
    root@stargate.alaskaparadise.com:/usr/obj/usr/src/sys/STARGATE



>Description:


*Bumped PORTREVISION
*Added combined patch-contrib-mod_sql.c
Addresses distributor bugs #2828 & #2869 - mod_sql botches WHERE clauses and Support variables in SQL WHERE directives.
*Added include/proftpd/mod_sql.h to pkg-plist


>How-To-Repeat:





>Fix:


diff -ruN --exclude=CVS /usr/ports/ftp/proftpd.orig/Makefile /usr/ports/ftp/proftpd/Makefile
--- /usr/ports/ftp/proftpd.orig/Makefile	Mon Jan  1 03:44:05 2007
+++ /usr/ports/ftp/proftpd/Makefile	Mon Jan  1 17:49:46 2007
@@ -7,7 +7,7 @@
 
 PORTNAME=	proftpd
 DISTVERSION=	1.3.1rc1
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	ftp
 MASTER_SITES=	ftp://ftp.proftpd.org/distrib/source/ \
 		ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org/distrib/source/ \
@@ -58,7 +58,7 @@
 		RADIUS "Include mod_radius" off \
 		QUOTATAB_RADIUS "include mod_quotatab_radius" off \
 		BAN "include mod_ban (Requires CTRLS)" off \
-		NLS "Use nls-builds mod_lang" off
+		NLS "Use nls (builds mod_lang)" off
 
 MODULES?=
 LIBDIRS?=
diff -ruN --exclude=CVS /usr/ports/ftp/proftpd.orig/files/patch-contrib-mod_sql.c /usr/ports/ftp/proftpd/files/patch-contrib-mod_sql.c
--- /usr/ports/ftp/proftpd.orig/files/patch-contrib-mod_sql.c	Wed Dec 31 14:00:00 1969
+++ /usr/ports/ftp/proftpd/files/patch-contrib-mod_sql.c	Mon Jan  1 17:25:54 2007
@@ -0,0 +1,249 @@
+--- contrib/mod_sql.c.orig	Mon Dec 11 13:40:18 2006
++++ contrib/mod_sql.c	Mon Jan  1 17:16:57 2007
+@@ -104,8 +104,11 @@
+ 
+ module sql_module;
+ 
+-static char *_sql_where(cmd_rec *, int, ...);
+ #define SQL_MAX_STMT_LEN	4096
++
++static char *sql_prepare_where(int, cmd_rec *, int, ...);
++#define SQL_PREPARE_WHERE_FL_NO_TAGS	0x00001
++
+ static char *resolve_long_tag(cmd_rec *, char *);
+ static int resolve_numeric_tag(cmd_rec *, char *);
+ static char *resolve_short_tag(cmd_rec *, char);
+@@ -752,10 +755,10 @@
+   return mr ? (char *) mr->data : NULL;
+ }
+ 
+-static char *_sql_where(cmd_rec *cmd, int cnt, ...) {
++static char *sql_prepare_where(int flags, cmd_rec *cmd, int cnt, ...) {
+   int i, flag;
+   int curr_avail;
+-  char *buf = "", *res, *tchar, *curr, *tmp;
++  char *buf = "", *res, *tchar;
+   va_list dummy;
+ 
+   res = pcalloc(cmd->tmp_pool, SQL_MAX_STMT_LEN);
+@@ -774,31 +777,53 @@
+   }
+   va_end(dummy);
+ 
+-  /* Process variables in WHERE clauses, except any "%{num}" references. */
+-  curr = res;
+-  curr_avail = SQL_MAX_STMT_LEN;
+-  for (tmp = buf; *tmp; ) {
+-    char *str;
+-    modret_t *mr;
++  if (!(flags & SQL_PREPARE_WHERE_FL_NO_TAGS)) {
++    char *curr, *tmp;
+ 
+-    if (*tmp == '%') {
+-      char *tag = NULL;
++    /* Process variables in WHERE clauses, except any "%{num}" references. */
++    curr = res;
++    curr_avail = SQL_MAX_STMT_LEN;
++
++    for (tmp = buf; *tmp; ) {
++      char *str;
++      modret_t *mr;
+ 
+-      if (*(++tmp) == '{') {
+-        char *query;
++      if (*tmp == '%') {
++        char *tag = NULL;
+ 
+-        if (*tmp != '\0')
+-          query = ++tmp;
++        if (*(++tmp) == '{') {
++          char *query;
+ 
+-        while (*tmp && *tmp != '}')
+-          tmp++;
++          if (*tmp != '\0')
++            query = ++tmp;
++
++          while (*tmp && *tmp != '}')
++            tmp++;
++
++          tag = pstrndup(cmd->tmp_pool, query, (tmp - query));
++          if (tag) {
++            str = resolve_long_tag(cmd, tag);
++            if (!str)
++              str = pstrdup(cmd->tmp_pool, "");
++
++            mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 2, "default",
++              str), "sql_escapestring");
++            if (check_response(mr) < 0)
++              return NULL;
++
++            sstrcat(curr, mr->data, curr_avail);
++            curr += strlen(mr->data);
++            curr_avail -= strlen(mr->data);
+ 
+-        tag = pstrndup(cmd->tmp_pool, query, (tmp - query));
+-        if (tag) {
+-          str = resolve_long_tag(cmd, tag);
+-          if (!str)
+-            str = pstrdup(cmd->tmp_pool, "");
++            if (*tmp != '\0')
++              tmp++;
++
++          } else {
++            return NULL;
++          }
+ 
++        } else {
++          str = resolve_short_tag(cmd, *tmp);
+           mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 2, "default",
+             str), "sql_escapestring");
+           if (check_response(mr) < 0)
+@@ -810,32 +835,18 @@
+ 
+           if (*tmp != '\0')
+             tmp++;
+-
+-        } else {
+-          return NULL;
+         }
+ 
+       } else {
+-        str = resolve_short_tag(cmd, *tmp);
+-        mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 2, "default",
+-          str), "sql_escapestring");
+-        if (check_response(mr) < 0)
+-          return NULL;
+-
+-        sstrcat(curr, mr->data, curr_avail);
+-        curr += strlen(mr->data);
+-        curr_avail -= strlen(mr->data);
+-
+-        if (*tmp != '\0')
+-          tmp++;
++        *curr++ = *tmp++;
++        curr_avail--;
+       }
+-
+-    } else {
+-      *curr++ = *tmp++;
+-      curr_avail--;
+     }
++    *curr++ = '\0';
++
++  } else {
++    res = buf;
+   }
+-  *curr++ = '\0';
+ 
+   return res;
+ }
+@@ -1212,7 +1223,7 @@
+   }
+ 
+   if (!cmap.usercustom) { 
+-    where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
++    where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
+ 
+     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 5, "default",
+       cmap.usrtable, cmap.usrfields, where, "1"), "sql_select");
+@@ -1438,7 +1449,7 @@
+       return NULL;
+     }
+ 
+-    where = _sql_where(cmd, 2, grpwhere, cmap.groupwhere);
++    where = sql_prepare_where(0, cmd, 2, grpwhere, cmap.groupwhere);
+ 
+     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 5, "default",
+       cmap.grptable, cmap.grpfield, where, "1"), "sql_select");
+@@ -1456,7 +1467,7 @@
+ 
+   grpwhere = pstrcat(cmd->tmp_pool, cmap.grpfield, " = '", groupname, "'",
+     NULL);
+-  where = _sql_where(cmd, 2, grpwhere, cmap.groupwhere);
++  where = sql_prepare_where(0, cmd, 2, grpwhere, cmap.groupwhere);
+   
+   mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
+     cmap.grptable, cmap.grpfields, where), "sql_select");
+@@ -1530,7 +1541,7 @@
+ 
+   usrwhere = pstrcat(cmd->tmp_pool, cmap.usrfield, " = '", _sql_realuser(cmd),
+     "'", NULL);
+-  where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
++  where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
+ 
+   mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default", cmap.usrtable,
+     query, where), "sql_update");
+@@ -1606,7 +1617,8 @@
+       cmap.grpmembersfield, " = '", username, "'", NULL);
+   }
+ 
+-  where = _sql_where(cmd, 2, grpwhere, cmap.groupwhere);
++  where = sql_prepare_where(SQL_PREPARE_WHERE_FL_NO_TAGS, cmd, 2, grpwhere,
++    sql_prepare_where(0, cmd, 1, cmap.groupwhere));
+   
+   mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
+     cmap.grptable, cmap.grpfields, where), "sql_select");
+@@ -1746,7 +1758,7 @@
+ static char *resolve_short_tag(cmd_rec *cmd, char tag) {
+   char arg[256] = {'\0'}, *argp;
+ 
+-  switch(tag) {
++  switch (tag) {
+   case 'A': {
+       char *pass;
+ 
+@@ -2915,7 +2927,7 @@
+   /* single select or not? */
+   if (SQL_FASTUSERS) {
+     /* retrieve our list of passwds */
+-    where = _sql_where(cmd, 1, cmap.userwhere);
++    where = sql_prepare_where(0, cmd, 1, cmap.userwhere);
+ 
+     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
+       cmap.usrtable, cmap.usrfields, where), "sql_select");
+@@ -2978,7 +2990,7 @@
+     } 
+   } else {
+     /* retrieve our list of passwds */
+-    where = _sql_where(cmd, 1, cmap.userwhere);
++    where = sql_prepare_where(0, cmd, 1, cmap.userwhere);
+     
+     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
+       cmap.usrtable, cmap.usrfield, where), "sql_select");
+@@ -3086,7 +3098,7 @@
+ 
+   if (SQL_FASTGROUPS) {
+     /* retrieve our list of groups */
+-    where = _sql_where(cmd, 1, cmap.groupwhere);
++    where = sql_prepare_where(0, cmd, 1, cmap.groupwhere);
+     
+     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 6, "default",
+       cmap.grptable, cmap.grpfields, where, NULL), "sql_select");
+@@ -3120,7 +3132,7 @@
+ 
+   } else {
+     /* retrieve our list of groups */
+-    where = _sql_where(cmd, 1, cmap.groupwhere);
++    where = sql_prepare_where(0, cmd, 1, cmap.groupwhere);
+     
+     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 6, "default",
+       cmap.grptable, cmap.grpfield, where, NULL, "DISTINCT"), "sql_select");
+@@ -3593,7 +3605,7 @@
+ 
+   usrwhere = pstrcat(cmd->tmp_pool, cmap.usrfield, " = '", _sql_realuser(cmd),
+     "'", NULL);
+-  where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
++  where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
+   
+   query = pstrcat(cmd->tmp_pool, cmap.sql_fstor, ", ",
+ 		  cmap.sql_fretr, ", ", cmap.sql_bstor, ", ",
+@@ -3627,7 +3639,7 @@
+ 
+   usrwhere = pstrcat(cmd->tmp_pool, cmap.usrfield, " = '", _sql_realuser(cmd),
+     "'", NULL);
+-  where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
++  where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
+   
+   query = pstrcat(cmd->tmp_pool, cmap.sql_frate, ", ",
+ 		  cmap.sql_fcred, ", ", cmap.sql_brate, ", ",
diff -ruN --exclude=CVS /usr/ports/ftp/proftpd.orig/pkg-plist /usr/ports/ftp/proftpd/pkg-plist
--- /usr/ports/ftp/proftpd.orig/pkg-plist	Mon Jan  1 03:44:05 2007
+++ /usr/ports/ftp/proftpd/pkg-plist	Mon Jan  1 18:05:33 2007
@@ -29,6 +29,7 @@
 include/proftpd/log.h
 include/proftpd/mkhome.h
 include/proftpd/mod_ctrls.h
+include/proftpd/mod_sql.h
 include/proftpd/mod_wrap2.h
 include/proftpd/modules.h
 include/proftpd/netacl.h



>Release-Note:
>Audit-Trail:

From: Beech Rintoul <beech@alaskaparadise.com>
To: bug-followup@freebsd.org
Cc:  
Subject: ports/107416: [Maintainer Update] ftp/proftpd: Added combined patch-contrib-mod_sql.c
Date: Mon, 1 Jan 2007 19:58:30 -0900

 Please hold off on committing this. I found another problem and a new patch 
 set is forthcoming.
 
 Beech (Maintainer)
 
 
 
 
 
 
 
 
 
 
 

From: Beech Rintoul <beech@alaskaparadise.com>
To: bug-followup@freebsd.org
Cc: beech@alaskaparadise.com
Subject: Re: ports/107416: [Maintainer Update] ftp/proftpd: Added combined patch-contrib-mod_sql.c
Date: Mon, 1 Jan 2007 22:47:02 -0900

 Please commit these patches:
 
 diff -ruN --exclude=CVS /usr/ports/ftp/proftpd.orig/Makefile /usr/ports/ftp/proftpd/Makefile
 --- /usr/ports/ftp/proftpd.orig/Makefile	Mon Jan  1 03:44:05 2007
 +++ /usr/ports/ftp/proftpd/Makefile	Mon Jan  1 22:15:59 2007
 @@ -7,7 +7,7 @@
  
  PORTNAME=	proftpd
  DISTVERSION=	1.3.1rc1
 -PORTREVISION=	2
 +PORTREVISION=	3
  CATEGORIES=	ftp
  MASTER_SITES=	ftp://ftp.proftpd.org/distrib/source/ \
  		ftp://ftp.fastorama.com/mirrors/ftp.proftpd.org/distrib/source/ \
 @@ -58,7 +58,7 @@
  		RADIUS "Include mod_radius" off \
  		QUOTATAB_RADIUS "include mod_quotatab_radius" off \
  		BAN "include mod_ban (Requires CTRLS)" off \
 -		NLS "Use nls-builds mod_lang" off
 +		NLS "Use nls (builds mod_lang)" off
  
  MODULES?=
  LIBDIRS?=
 diff -ruN --exclude=CVS /usr/ports/ftp/proftpd.orig/files/patch-contrib-mod_sql.c /usr/ports/ftp/proftpd/files/patch-contrib-mod_sql.c
 --- /usr/ports/ftp/proftpd.orig/files/patch-contrib-mod_sql.c	Wed Dec 31 
 14:00:00 1969
 +++ /usr/ports/ftp/proftpd/files/patch-contrib-mod_sql.c	Mon Jan  1 17:25:54 
 2007
 @@ -0,0 +1,249 @@
 +--- contrib/mod_sql.c.orig	Mon Dec 11 13:40:18 2006
 ++++ contrib/mod_sql.c	Mon Jan  1 17:16:57 2007
 +@@ -104,8 +104,11 @@
 + 
 + module sql_module;
 + 
 +-static char *_sql_where(cmd_rec *, int, ...);
 + #define SQL_MAX_STMT_LEN	4096
 ++
 ++static char *sql_prepare_where(int, cmd_rec *, int, ...);
 ++#define SQL_PREPARE_WHERE_FL_NO_TAGS	0x00001
 ++
 + static char *resolve_long_tag(cmd_rec *, char *);
 + static int resolve_numeric_tag(cmd_rec *, char *);
 + static char *resolve_short_tag(cmd_rec *, char);
 +@@ -752,10 +755,10 @@
 +   return mr ? (char *) mr->data : NULL;
 + }
 + 
 +-static char *_sql_where(cmd_rec *cmd, int cnt, ...) {
 ++static char *sql_prepare_where(int flags, cmd_rec *cmd, int cnt, ...) {
 +   int i, flag;
 +   int curr_avail;
 +-  char *buf = "", *res, *tchar, *curr, *tmp;
 ++  char *buf = "", *res, *tchar;
 +   va_list dummy;
 + 
 +   res = pcalloc(cmd->tmp_pool, SQL_MAX_STMT_LEN);
 +@@ -774,31 +777,53 @@
 +   }
 +   va_end(dummy);
 + 
 +-  /* Process variables in WHERE clauses, except any "%{num}" references. */
 +-  curr = res;
 +-  curr_avail = SQL_MAX_STMT_LEN;
 +-  for (tmp = buf; *tmp; ) {
 +-    char *str;
 +-    modret_t *mr;
 ++  if (!(flags & SQL_PREPARE_WHERE_FL_NO_TAGS)) {
 ++    char *curr, *tmp;
 + 
 +-    if (*tmp == '%') {
 +-      char *tag = NULL;
 ++    /* Process variables in WHERE clauses, except any "%{num}" references. 
 */
 ++    curr = res;
 ++    curr_avail = SQL_MAX_STMT_LEN;
 ++
 ++    for (tmp = buf; *tmp; ) {
 ++      char *str;
 ++      modret_t *mr;
 + 
 +-      if (*(++tmp) == '{') {
 +-        char *query;
 ++      if (*tmp == '%') {
 ++        char *tag = NULL;
 + 
 +-        if (*tmp != '\0')
 +-          query = ++tmp;
 ++        if (*(++tmp) == '{') {
 ++          char *query;
 + 
 +-        while (*tmp && *tmp != '}')
 +-          tmp++;
 ++          if (*tmp != '\0')
 ++            query = ++tmp;
 ++
 ++          while (*tmp && *tmp != '}')
 ++            tmp++;
 ++
 ++          tag = pstrndup(cmd->tmp_pool, query, (tmp - query));
 ++          if (tag) {
 ++            str = resolve_long_tag(cmd, tag);
 ++            if (!str)
 ++              str = pstrdup(cmd->tmp_pool, "");
 ++
 ++            mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 2, "default",
 ++              str), "sql_escapestring");
 ++            if (check_response(mr) < 0)
 ++              return NULL;
 ++
 ++            sstrcat(curr, mr->data, curr_avail);
 ++            curr += strlen(mr->data);
 ++            curr_avail -= strlen(mr->data);
 + 
 +-        tag = pstrndup(cmd->tmp_pool, query, (tmp - query));
 +-        if (tag) {
 +-          str = resolve_long_tag(cmd, tag);
 +-          if (!str)
 +-            str = pstrdup(cmd->tmp_pool, "");
 ++            if (*tmp != '\0')
 ++              tmp++;
 ++
 ++          } else {
 ++            return NULL;
 ++          }
 + 
 ++        } else {
 ++          str = resolve_short_tag(cmd, *tmp);
 +           mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 2, "default",
 +             str), "sql_escapestring");
 +           if (check_response(mr) < 0)
 +@@ -810,32 +835,18 @@
 + 
 +           if (*tmp != '\0')
 +             tmp++;
 +-
 +-        } else {
 +-          return NULL;
 +         }
 + 
 +       } else {
 +-        str = resolve_short_tag(cmd, *tmp);
 +-        mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 2, "default",
 +-          str), "sql_escapestring");
 +-        if (check_response(mr) < 0)
 +-          return NULL;
 +-
 +-        sstrcat(curr, mr->data, curr_avail);
 +-        curr += strlen(mr->data);
 +-        curr_avail -= strlen(mr->data);
 +-
 +-        if (*tmp != '\0')
 +-          tmp++;
 ++        *curr++ = *tmp++;
 ++        curr_avail--;
 +       }
 +-
 +-    } else {
 +-      *curr++ = *tmp++;
 +-      curr_avail--;
 +     }
 ++    *curr++ = '\0';
 ++
 ++  } else {
 ++    res = buf;
 +   }
 +-  *curr++ = '\0';
 + 
 +   return res;
 + }
 +@@ -1212,7 +1223,7 @@
 +   }
 + 
 +   if (!cmap.usercustom) { 
 +-    where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
 ++    where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
 + 
 +     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 5, "default",
 +       cmap.usrtable, cmap.usrfields, where, "1"), "sql_select");
 +@@ -1438,7 +1449,7 @@
 +       return NULL;
 +     }
 + 
 +-    where = _sql_where(cmd, 2, grpwhere, cmap.groupwhere);
 ++    where = sql_prepare_where(0, cmd, 2, grpwhere, cmap.groupwhere);
 + 
 +     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 5, "default",
 +       cmap.grptable, cmap.grpfield, where, "1"), "sql_select");
 +@@ -1456,7 +1467,7 @@
 + 
 +   grpwhere = pstrcat(cmd->tmp_pool, cmap.grpfield, " = '", groupname, "'",
 +     NULL);
 +-  where = _sql_where(cmd, 2, grpwhere, cmap.groupwhere);
 ++  where = sql_prepare_where(0, cmd, 2, grpwhere, cmap.groupwhere);
 +   
 +   mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
 +     cmap.grptable, cmap.grpfields, where), "sql_select");
 +@@ -1530,7 +1541,7 @@
 + 
 +   usrwhere = pstrcat(cmd->tmp_pool, cmap.usrfield, " = '", 
 _sql_realuser(cmd),
 +     "'", NULL);
 +-  where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
 ++  where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
 + 
 +   mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default", 
 cmap.usrtable,
 +     query, where), "sql_update");
 +@@ -1606,7 +1617,8 @@
 +       cmap.grpmembersfield, " = '", username, "'", NULL);
 +   }
 + 
 +-  where = _sql_where(cmd, 2, grpwhere, cmap.groupwhere);
 ++  where = sql_prepare_where(SQL_PREPARE_WHERE_FL_NO_TAGS, cmd, 2, grpwhere,
 ++    sql_prepare_where(0, cmd, 1, cmap.groupwhere));
 +   
 +   mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
 +     cmap.grptable, cmap.grpfields, where), "sql_select");
 +@@ -1746,7 +1758,7 @@
 + static char *resolve_short_tag(cmd_rec *cmd, char tag) {
 +   char arg[256] = {'\0'}, *argp;
 + 
 +-  switch(tag) {
 ++  switch (tag) {
 +   case 'A': {
 +       char *pass;
 + 
 +@@ -2915,7 +2927,7 @@
 +   /* single select or not? */
 +   if (SQL_FASTUSERS) {
 +     /* retrieve our list of passwds */
 +-    where = _sql_where(cmd, 1, cmap.userwhere);
 ++    where = sql_prepare_where(0, cmd, 1, cmap.userwhere);
 + 
 +     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
 +       cmap.usrtable, cmap.usrfields, where), "sql_select");
 +@@ -2978,7 +2990,7 @@
 +     } 
 +   } else {
 +     /* retrieve our list of passwds */
 +-    where = _sql_where(cmd, 1, cmap.userwhere);
 ++    where = sql_prepare_where(0, cmd, 1, cmap.userwhere);
 +     
 +     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 4, "default",
 +       cmap.usrtable, cmap.usrfield, where), "sql_select");
 +@@ -3086,7 +3098,7 @@
 + 
 +   if (SQL_FASTGROUPS) {
 +     /* retrieve our list of groups */
 +-    where = _sql_where(cmd, 1, cmap.groupwhere);
 ++    where = sql_prepare_where(0, cmd, 1, cmap.groupwhere);
 +     
 +     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 6, "default",
 +       cmap.grptable, cmap.grpfields, where, NULL), "sql_select");
 +@@ -3120,7 +3132,7 @@
 + 
 +   } else {
 +     /* retrieve our list of groups */
 +-    where = _sql_where(cmd, 1, cmap.groupwhere);
 ++    where = sql_prepare_where(0, cmd, 1, cmap.groupwhere);
 +     
 +     mr = _sql_dispatch(_sql_make_cmd(cmd->tmp_pool, 6, "default",
 +       cmap.grptable, cmap.grpfield, where, NULL, "DISTINCT"), "sql_select");
 +@@ -3593,7 +3605,7 @@
 + 
 +   usrwhere = pstrcat(cmd->tmp_pool, cmap.usrfield, " = '", 
 _sql_realuser(cmd),
 +     "'", NULL);
 +-  where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
 ++  where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
 +   
 +   query = pstrcat(cmd->tmp_pool, cmap.sql_fstor, ", ",
 + 		  cmap.sql_fretr, ", ", cmap.sql_bstor, ", ",
 +@@ -3627,7 +3639,7 @@
 + 
 +   usrwhere = pstrcat(cmd->tmp_pool, cmap.usrfield, " = '", 
 _sql_realuser(cmd),
 +     "'", NULL);
 +-  where = _sql_where(cmd, 2, usrwhere, cmap.userwhere);
 ++  where = sql_prepare_where(0, cmd, 2, usrwhere, cmap.userwhere);
 +   
 +   query = pstrcat(cmd->tmp_pool, cmap.sql_frate, ", ",
 + 		  cmap.sql_fcred, ", ", cmap.sql_brate, ", ",
 diff -ruN --exclude=CVS /usr/ports/ftp/proftpd.orig/pkg-plist /usr/ports/ftp/proftpd/pkg-plist
 --- /usr/ports/ftp/proftpd.orig/pkg-plist	Mon Jan  1 03:44:05 2007
 +++ /usr/ports/ftp/proftpd/pkg-plist	Mon Jan  1 18:05:33 2007
 @@ -29,6 +29,7 @@
  include/proftpd/log.h
  include/proftpd/mkhome.h
  include/proftpd/mod_ctrls.h
 +include/proftpd/mod_sql.h
  include/proftpd/mod_wrap2.h
  include/proftpd/modules.h
  include/proftpd/netacl.h
Responsible-Changed-From-To: freebsd-ports-bugs->clsung 
Responsible-Changed-By: clsung 
Responsible-Changed-When: Tue Jan 2 08:30:22 UTC 2007 
Responsible-Changed-Why:  
I'll take it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107416 
State-Changed-From-To: open->feedback 
State-Changed-By: erwin 
State-Changed-When: Sat Jan 6 12:57:42 UTC 2007 
State-Changed-Why:  
The second patch got mangled due to linewrapping in your 
email client.  Maybe you can put it somewhere for download? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107416 

From: Beech Rintoul <beech@alaskaparadise.com>
To: bug-followup@freebsd.org
Cc:  
Subject: ports/107416: [Maintainer Update] ftp/proftpd: Added combined patch-contrib-mod_sql.c
Date: Sat, 6 Jan 2007 21:57:33 -0900

 The latest patch can be downloaded here:
 
 http://www.alaskaparadise.com/freebsd/patch-proftpd
 
 Beech (Maintainer)
 -- 
 
 
 
 
 
 
 
 
 
 
 
State-Changed-From-To: feedback->open 
State-Changed-By: clsung 
State-Changed-When: Sun Jan 7 08:10:01 UTC 2007 
State-Changed-Why:  
Feedback received. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107416 
State-Changed-From-To: open->closed 
State-Changed-By: erwin 
State-Changed-When: Sun Jan 7 10:45:32 UTC 2007 
State-Changed-Why:  
Committed, thanks! 

Note that you missed  
+.else 
+PLIST_SUB+=     MYSQL="@comment " 
in the WITH_MYSQL section. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=107416 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/107416: commit references a PR
Date: Sun,  7 Jan 2007 10:45:42 +0000 (UTC)

 erwin       2007-01-07 10:45:36 UTC
 
   FreeBSD ports repository
 
   Modified files:
     ftp/proftpd          Makefile pkg-plist 
   Added files:
     ftp/proftpd/files    patch-contrib-mod_sql.c 
   Log:
   *Bumped PORTREVISION
   *Added combined patch-contrib-mod_sql.c
    Addresses distributor bugs #2828 & #2869 -
    mod_sql botches WHERE clauses and Support variables in SQL WHERE directives.
   *Added include/proftpd/mod_sql.h to pkg-plist
   
   PR:             107416
   Submitted by:   "Beech Rintoul" <beech@alaskaparadise.com> (maintainer)
   
   Revision  Changes    Path
   1.98      +8 -4      ports/ftp/proftpd/Makefile
   1.1       +268 -0    ports/ftp/proftpd/files/patch-contrib-mod_sql.c (new)
   1.16      +1 -1      ports/ftp/proftpd/pkg-plist
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
