Mailing List Archive


Back to the month index Back to the list index
bill@wileynpt.com
Tue, 11 Nov 1997 17:23:56 -0500 (EST) 

From: bill@wileynpt.com
Date: Tue, 11 Nov 1997 17:23:56 -0500 (EST)
Subject: mSQL NSAPI Question (Threads?)
Message-ID: <Pine.SOL.3.96.971111171608.12439A-100000@brandywine.wileynpt.com>

Included at the bottom is the source code to my mSQL netscape
authentication plugin...

Here's my question..

I've implemented this code, and it works, some of the time. For some
unknown reason, if I open a page that generates quite a few GETs some of
them fail. (~ 20%) The only reason I can come up with is that since
Netscape is multithreaded, and the libmsql dosen't seem to be thread safe,
that somehow the results are getting clobbered somewhere.

Has anyone done this successfully, and if so, would you share your
knowledge?

The only way I can think of to go forward is to try using a lock around
critical sections.

Any help would be greatly appreciated!!

Thanks,

Bill

< Code below >

#include "base/pblock.h"
#include "base/session.h"
#include "frame/req.h"

/* The following is for the inclusion of the msql database stuff. */

#include "msql.h"

/* ---------------------------- msql_auth ---------------------------- */

typedef struct {
    char *name;
    char *pw;
} user_s;

#include "frame/log.h"

#ifdef XP_WIN32
#define NSAPI_PUBLIC __declspec(dllexport)
#else /* !XP_WIN32 */
#define NSAPI_PUBLIC
#endif /* !XP_WIN32 */

NSAPI_PUBLIC int msql_auth(pblock *param, Session *sn, Request *rq)
{
    /* Parameters given to us by auth-basic */
    char *db = pblock_findval("userdb", param);
    char *user = pblock_findval("user", param);
    char *pw = pblock_findval("pw", param);

    /* Temp variables */
    int dbh, rows;
    m_row row;
    m_result *query;
    char mSQLserver[] = "miles.wileynpt.com";
    char mSQLDB[] = "netscape";
    char querystr[255];

    sprintf(querystr, "select passwd from %s where name='%s'", db, user);

    if((dbh = msqlConnect(mSQLserver)) != -1)
      {
      if(msqlSelectDB(dbh, mSQLDB) != -1)
        {
        if((rows = msqlQuery(dbh, querystr)) > 0)
          {
          if(strlen(msqlErrMsg) != 0)
            {
            log_error(LOG_SECURITY, "msql_auth", sn, rq,
                "**** MSQL Error: %s", msqlErrMsg);
            msqlClose(dbh);
            return REQ_NOACTION;
            }

          query = msqlStoreResult();
          if(strlen(msqlErrMsg) != 0)
            {
            log_error(LOG_SECURITY, "msql_auth", sn, rq,
                "**** MSQL Error: %s", msqlErrMsg);
            msqlClose(dbh);
            return REQ_NOACTION;
            }

          row = msqlFetchRow(query);
          if(strlen(msqlErrMsg) != 0)
            {
            log_error(LOG_SECURITY, "msql_auth", sn, rq,
                "**** MSQL Error: %s", msqlErrMsg);
            msqlClose(dbh);
            return REQ_NOACTION;
            }

          if(strcmp(pw, row[0]))
            {
            log_error(LOG_SECURITY, "msql_auth", sn, rq,
                "user %s entered invalid password", user);
            msqlFreeResult(query);
            msqlClose(dbh);
            return REQ_NOACTION;
            }
          else
            {
            msqlFreeResult(query);
            msqlClose(dbh);
            return REQ_PROCEED;
            }
          }
        else
          {
          log_error(LOG_SECURITY, "msql_auth", sn, rq,
                "user %s unknown", user);
          msqlClose(dbh);
          return REQ_NOACTION;
          }
        }
      else
        {
        log_error(LOG_SECURITY, "msql_auth", sn, rq,
              "mSQL can't select DB %s", mSQLDB);
        msqlClose(dbh);
        return REQ_NOACTION;
        }
      }
    else
      {
      log_error(LOG_SECURITY, "msql_auth", sn, rq,
            "mSQL can't connect to server %s", mSQLserver);
      return REQ_NOACTION;
      }
}