[Dovecot] MySQL stored proc authorization

Timo Sirainen tss at iki.fi
Fri Oct 13 22:35:06 UTC 2006


On Fri, 2006-10-13 at 23:24 +0200, Chaos Engine wrote:
> Are you sure the difference is between the changes in Dovecot and not
> in
>         some gentoo compile/link flags? Such as a different mysql
>         library.
> 
> I'm pretty sure. I haven't changed my previous compile flags (Gentoo USE flags). To tell the truth I haven't found any word of using stored procedures in mysql authorization; but it worked. I haven't touched MySQL or its libs, only upgraded dovecot.

I don't know how MySQL procedures are even supposed to work..

>         I don't think I've changed anything related to that between
>         rc7 and rc8.

I guess the difference is that I removed this code:

#ifdef CLIENT_MULTI_STATEMENTS
       /* Updates require this because everything is committed in one large
          SQL statement. */
       db->client_flags |= CLIENT_MULTI_STATEMENTS;
#endif

I'd rather not put it back since it potentially makes it less secure.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20061014/80215e47/attachment.pgp 


More information about the dovecot mailing list