2006/10/13, Timo Sirainen tss@iki.fi:
Are you sure the difference is between the changes in Dovecot and not in some gentoo compile/link flags? Such as a different mysql library.
I'm pretty sure. I haven't changed my previous compile flags (Gentoo USE flags). To tell the truth I haven't found any word of using stored
On Fri, 2006-10-13 at 23:24 +0200, Chaos Engine wrote: procedures in mysql authorization; but it worked. I haven't touched MySQL or its libs, only upgraded dovecot.
I don't know how MySQL procedures are even supposed to work..
I don't think I've changed anything related to that between rc7 and rc8.I guess the difference is that I removed this code:
#ifdef CLIENT_MULTI_STATEMENTS /* Updates require this because everything is committed in one large SQL statement. */ db->client_flags |= CLIENT_MULTI_STATEMENTS; #endif
I'd rather not put it back since it potentially makes it less secure.
Yes, most probably the lack of this CLIENT_MULTI_STATEMENTS flag blocks stored procs (acording to MySQL docs).
From my point of view using stored proc is more secure than putting select user, password from user_sensitive_data_table into dovecot-sql.conf, but I'll live with that. You most probably had your reasons, and ultimately I agree - security first ;-)
-- Chaos greets U