- myownquery.patch simplified according to suggestions from Sam Varshavchik

[packages/courier-imap.git] / courier-imap-myownquery.patch

diff -Nur courier-imap-1.3.12.orig/authlib/README.myownquery courier-imap-1.3.12/authlib/README.myownquery
--- courier-imap-1.3.12.orig/authlib/README.myownquery	Thu Jan  1 01:00:00 1970
+++ courier-imap-1.3.12/authlib/README.myownquery	Sun Dec 30 01:41:38 2001
@@ -0,0 +1,543 @@
+
+
+
+
+	    Developer Notes for courier-imap-myownquery.patch
+
+
+
+
+							document version: 1.03
+							author:	Pawel Wilk
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+0 What's that?
+
+1 Modifications overview
+
+2 Definitions
+
+3 New data types
+  3.1 struct var_data
+  3.2 typedef size_t (*parsefunc)
+  
+4 New functions
+  4.1 get_variable
+  4.2 parse_core
+  4.3 ParsePlugin_counter
+  4.4 ParsePlugin_builder
+  4.5 parse_string
+  4.6 validate_password
+  4.7 get_localpart
+  4.8 get_domain
+  4.9 parse_select_clause
+  4.10 parse_chpass_clause
+  
+5 Ideas and TODO
+
+6 Thanks
+
+
+
+
+		    *-----------------------
+		     0 What's that?
+		    *-----------------------
+
+Courier-imap-myownquery.patch allows administrator to set own MySQL queries
+used by authdaemon to authenticate user (including fetchig credentials) and to
+change user's password. It allows to construct SELECT or UPDATE clause in the
+configuration file (authmysqlrc) by adding two new configuration variables:
+MYSQL_SELECT_CLAUSE and MYSQL_CHPASS_CLAUSE. It may be useful in the mail
+environments where there is such a need to have different database structure
+and/or tables scheme than expected by authmysql module.
+
+It also implements a small parsing engine for substitution variables which
+may appear in the clauses and are used to put informations like username
+or domain into the right place of a query.
+
+This patch was created using `diff -Nur` on courier-imap-1.3.12 source.
+
+
+
+
+
+		    *-----------------------
+		     1 Modifications overview
+		    *-----------------------
+
+Modified files:	authmysqllib.c authmysqlrc
+
+Each modified set of instructions is marked by my e-mail address:
+siefca@pld.org.pl
+
+Changes in the current source code are related to:
+
+- sections where the queries are constructed
+  (including memory allocation for the buffers)
+
+	when MYSQL_SELECT_CLAUSE or MYSQL_CHPASS_CLAUSE is
+	used then the query goes through the parsing functions
+	passing over current memory allocation and query construction
+	subroutines
+	  
+- section where the configuration file is read
+
+	i've had to modify read_env() function to allow line breaks
+	- now each sequence of the backslash as a first character and
+	newline as the second is replaced by two whitespaces while
+	putting into the buffer
+
+- sections where the query is constructed
+
+	selection is made, depending on configuration variables which
+	are set or not - if own query is used 
+
+
+
+
+
+		    *-----------------------
+		     2 Definitions
+		    *-----------------------
+
+#define		MAX_SUBSTITUTION_LEN	32
+#define		SV_BEGIN_MARK		"$("
+#define		SV_END_MARK		")"
+#define		SV_BEGIN_LEN		((sizeof(SV_BEGIN_MARK))-1)
+#define		SV_END_LEN		((sizeof(SV_END_MARK))-1)
+
+These definitions allows to change substitution marks in an easy way.
+SV_BEGIN_MARK refers to sequence of characters treated as a prefix of
+each substitution variable and SV_END_MARK refers to string which is
+a closing suffix. If the expected substitution variable is called
+'local_part' (without apostrophes) then '$(local_part)' is a valid
+string representation for SV_BEGIN_MARK set to "$(" and SV_END_MARK to ")".
+MAX_SUBSTITUTION_LEN defines maximal length of a substitution variable's
+identifier (name).
+
+The last two definitions are just for code simplification.
+
+
+
+
+
+
+		    *-----------------------
+		     3 New data types
+		    *-----------------------
+
+This section describes new data type definitions and variables.
+
+3.1 struct var_data
+
+struct var_data {			
+	const char *name;
+	const char *value;
+	const size_t size;
+	size_t value_length;
+	} ;
+
+This structure holds information needed by parsing routines.
+Using var_data array you may specify a set of string substitutions
+which should be done while parsing a query. Last element in array
+should have all fields set to zero (null). 
+
+name field	- should contain substituted variable name
+value 		- should contain string which replaces it
+size		- should contain string size including the last zero byte ('\0')
+value_length	- should be set to zero - it is used as a value size cache
+
+
+explanation: size is used to increase speed of calculation proccess
+	     value_length is used to cache length of a value during the
+	     parsing subroutines - it helps when substitution variable
+	     occures more than once within the query
+ 
+Example:
+
+struct var_data vdt[] =	{
+    {"some",	"replacement",	sizeof("some"),		0},
+    {"anotha",	NULL,		sizeof("anotha"),	0},
+    {NULL,	NULL,		0,			0}
+};
+
+In this example we've declared that $(some) in the query should be
+replaced by 'replacement' text, and replacement for $(anotha) will
+be defined in the code before passing on the array pointer to
+the paring function.
+
+
+3.2 typedef size_t (*parsefunc)
+
+typedef int (*parsefunc)(const char *, size_t, void *);
+
+This type definition refers to the function pointer, which is used
+to pass plugin functions into the core parsing subroutine. This definition
+is included to simplify the declaration of the parse_core() function.
+
+
+
+
+
+		    *-----------------------
+		     4 New functions
+		    *-----------------------
+
+This section describes added functions.
+
+4.1 get_variable
+
+NAME
+
+	get_variable
+
+SYNOPSIS
+
+	static const struct var_data *get_variable (const char *begin,
+						    size_t len,
+  		  	        	  	    struct var_data *vdt);
+
+DESCRIPTION
+
+	This function searches an array pointed by vdt and tries to find
+	the substitution variable, which name is identified with begin
+	pointer and length of len bytes long.
+	
+	This function is also responsible for updating length cache field
+	of vdt elements and validating requested variables.
+	
+	This function repports errors by sending human readable
+	messages to the standard error stream.
+
+RETURN VALUE
+
+	This function returns a pointer to the array element which is
+	structure of var_data type, which contains variable definition
+	of a given name. It returns NULL on error or failure.
+
+
+4.2 parse_core
+
+NAME
+
+	parse_core
+
+SYNOPSIS
+	static int    parse_core (const char *source, struct var_data *vdt,
+				  parsefunc outfn, void *result);
+
+DESCRIPTION
+
+	This is the parsing routine for query strings containing the
+	substitution variables. It reads the string pointed with source
+	and tries to catch a valid substitution variables or parts which
+	are plain text blocks. The main purpose of using this function
+	it to split source string into parts and for each part call
+	outfn() function. Those parts are substrings identified by
+	pointer to some element of the source string and size.
+	Those elements are the result of splitting source string into
+	logical parts: plain text substrings and substitution variables'
+	values. To get the values of any found substitution variables
+	parse_core() uses get_variable() function. To find places
+	where substitution variables occurs it uses strstr() function
+	in conjunction with SV_BEGIN_MARK and SV_END_MARK definitions.
+	It passes vdt structure pointer to get_variable() function is
+	it calls it.
+
+	outfn() function should be passed by its pointer which
+	refers to declaration:
+	
+ 	int (*outfn)    (const char *begin,
+			 size_t string_length,
+			 void *void_pointer);
+	
+	Each time outfn() is called the result argument of parse_core()
+	is passed to the outfn() as a last argument (void_pointer).
+	
+	Example:
+	
+	    Example string "$(local_part) AND $(domain)" will cause the
+	    outfn() to be called 3 times. First time for a value of
+	    $(local_part) substitution variable, second time
+	    for " AND " string, and the last time for $(domain) variable's
+	    value. Variables are passed to outfn() by their (found) values,
+	    plain text blocks are passed as they appear.
+
+	This function repports errors by sending human readable
+	messages to the standard error stream.
+
+RETURN VALUE
+
+	This function returns -1 if an error has occured and 0 if
+	everything went good.
+	
+4.3 ParsePlugin_counter
+
+NAME
+
+	ParsePlugin_counter
+
+SYNOPSIS
+
+	int    ParsePlugin_counter (const char *begin, size_t len,
+			            void *vp);
+
+DESCRIPTION
+
+	This is parsing plugin function. It simply increments the value
+	found in the memory area pointed by vp. It assumes that
+	the memory area is allocated for the variable of size_t
+	type and that area was passed by (size_t *) pointer.
+	The value is incremented by len argument. Begin argument
+	is not used.
+
+	This function repports errors by sending human readable
+	messages to the standard error stream.
+
+RETURN VALUE
+
+	This function returns the variable size or -1 if an error
+	has occured, 0 if everything went good.
+
+4.4 ParsePlugin_builder
+
+NAME
+
+	ParsePlugin_builder
+
+SYNOPSIS
+
+	int    ParsePlugin_builder (const char *begin, size_t len,
+			            void *vp);
+
+DESCRIPTION
+
+	This is parsing plugin function. It simply copies len bytes
+	of a string pointed by begin to the end of memory area pointed by
+	vp. It assumes that the area pointed by vp is passed by (char **)
+	type pointer and refers to the (char *) pointer variable.
+	After each call it shifts the value of pointer variable (char *)
+	incrementing it by len bytes. Be careful when using this function
+	- its changes the given pointer value. Always operate on an
+	additional pointer type variable when passing it as the third
+	argument.
+
+RETURN VALUE
+
+	This function returns the variable size or -1 if an error
+	has occured, 0 if everything went good.
+
+4.5 parse_string
+
+NAME
+	parse_string
+
+SYNOPSIS
+
+	static char *parse_string (const char *source, struct var_data *vdt);
+
+DESCRIPTION
+
+	This function parses the string pointed with source according to the
+	replacement instructions set in var_data array, which is passed with
+	its pointer vdt. It produces changed string located in newly allocated
+	memory area.
+
+	This function calls parse_core() function with various parsing
+	subroutines passed as function pointers.
+	
+	1. It uses parse_core() with ParsePlugin_counter to obtain the
+	   total amount	of memory needed for the output string.
+	
+	2. It allocates the memory.
+	
+	3. It uses parse_core() with ParsePlugin_builder to build the
+	   output string.
+
+	This function repports errors by sending human readable
+	messages to the standard error stream.
+
+RETURN VALUE
+			   
+	Function returns pointer to the result buffer or NULL
+	if an error has occured.
+
+WARNINGS
+
+	This function allocates some amount of memory using standard
+	ANSI C routines. Memory allocated by this function should be
+	freed with free().
+
+
+4.6 validate_password
+
+NAME
+	validate_password
+
+SYNOPSIS
+
+	static const char *validate_password (const char *password);
+
+DESCRIPTION
+
+	This function checks whether password string does contain
+	any dangerous characters, which may be used to pass command
+	strings to the database connection stream. If it founds one
+	it replaces it by the backslash character.
+
+RETURN VALUE
+
+	It returns a pointer to the static buffer which contains
+	validated password string or NULL if an error has occured.
+
+
+4.7 get_localpart
+
+NAME
+	
+	get_localpart
+
+SYNOPSIS
+
+	static const char *get_localpart (const char *username);
+
+DESCRIPTION
+
+	This function detaches local part of an e-mail address
+	from string pointed with username and puts it to the
+	buffer of the fixed length. All necessary cleaning is
+	made on the result string.
+
+RETURN VALUE
+
+	Pointer to the static buffer containing local part or
+	NULL if there was some error.
+
+
+4.8 get_domain
+
+NAME
+
+	get_domain
+
+SYNOPSIS
+
+	static const char *get_domain (const char *username, 
+				       const char *defdomain);
+
+DESCRIPTION
+
+        This function detaches domain part of an e-mail address
+	from string pointed with username and puts it to the
+	buffer of the fixed length. All necessary cleaning is
+	made on the result string. If function cannot find domain
+	part in the string the string pointed by defdomain is
+	used instead.
+
+RETURN VALUE
+
+        Pointer to the static buffer containing domain name or
+	NULL if there was some error.
+
+
+4.9 parse_select_clause
+
+NAME
+
+	parse_select_clause
+
+SYNOPSIS
+
+	static char *parse_select_clause (const char *clause,
+					  const char *username,
+                                  	  const char *defdomain);
+
+DESCRIPTION
+
+	This function is a simple wrapper to the parse_string()
+	function. It parses a query pointed by caluse. username
+	and defdomain strings are used to replace corresponding
+	substitution strings if present in the query: $(local_part)
+	and $(domain).
+	
+
+RETURN VALUE
+
+	Same as parse_string().
+
+
+4.10 parse_chpass_clause
+
+NAME
+
+        parse_chpass_clause
+
+SYNOPSIS
+
+        static char *parse_chpass_clause (const char *clause,
+                                          const char *username,
+                                          const char *defdomain,
+					  const char *newpass,
+					  const char *newpass_crypt);
+								    
+DESCRIPTION
+
+	This function is a simple wrapper to the parse_string()
+	function. It parses a query pointed by caluse. username,
+	defdomain, newpass and newpass_crypt strings are used to
+	replace corresponding substitution strings if present in
+	the query: $(local_part), $(domain), $(newpass),
+	$(newpass_crypt).
+
+RETURN VALUE
+
+	Same as parse_string().
+
+
+
+
+
+		    *------------------------
+		     5 Ideas and TODO
+		    *------------------------
+
+- solve problem with fixed buffer length of local part and the domain part
+  strings after split						(problem?)
+- allow admin to set a group name instead of numerical group id
+- allow admin to set a username instead of numerical user id
+
+- add clauses:
+
+  - MYSQL_PRESELECT_CLAUSE (query which comes before MYSQL_SELECT_CLAUSE)
+  - MYSQL_POSTSELECT_CLAUSE (query which comes after MYSQL_SELECT_CLAUSE)
+
+
+
+
+
+		    *------------------------
+		     6 Thanks
+		    *------------------------
+
+At the beginning this patch was messy indeed. :> I would like to thank
+Sam Varshavchik for pointing me a lot how to make it more fast and solid.
+I would also thank Philip Hazel, Chris Lightfoot and Mike Bremford which
+by their software capabilities inspired me to write it.
+
+---------------------------------------------------------------------------
+
diff -Nur courier-imap-1.3.12.orig/authlib/authmysqllib.c courier-imap-1.3.12/authlib/authmysqllib.c
--- courier-imap-1.3.12.orig/authlib/authmysqllib.c	Mon Aug  6 05:12:39 2001
+++ courier-imap-1.3.12/authlib/authmysqllib.c	Sun Dec 30 01:41:00 2001
@@ -3,7 +3,6 @@
 ** distribution information.
 */
 
-
 #include	<stdio.h>
 #include	<stdlib.h>
 #include	<string.h>
@@ -18,8 +17,26 @@
 #include	"authmysqlrc.h"
 #include	"auth.h"
 
+/* siefca@pld.org.pl */
+#define		MAX_SUBSTITUTION_LEN	32
+#define		SV_BEGIN_MARK		"$("
+#define		SV_END_MARK		")"
+#define		SV_BEGIN_LEN		((sizeof(SV_BEGIN_MARK))-1)
+#define		SV_END_LEN		((sizeof(SV_END_MARK))-1)
+
 static const char rcsid[]="$Id$";
 
+/* siefca@pld.org.pl */
+struct var_data {			
+	const char *name;
+	const char *value;
+	const size_t size;
+	size_t value_length;
+	} ;
+
+/* siefca@pld.org.pl */
+typedef int (*parsefunc)(const char *, size_t, void *);
+
 static const char *read_env(const char *env)
 {
 static char *mysqlauth=0;
@@ -51,7 +68,13 @@
 
 		for (i=0; i<mysqlauth_size; i++)
 			if (mysqlauth[i] == '\n')
-				mysqlauth[i]=0;
+			{	/* siefca@pld.org.pl */
+				if (!i || mysqlauth[i-1] != '\\')
+					mysqlauth[i]	='\0';
+				else
+					mysqlauth[i]	=
+					mysqlauth[i-1]	= ' ';
+			}
 		fclose(f);
 	}
 
@@ -199,17 +222,370 @@
 		strcat(strcpy(p, "@"), defdomain);
 }
 
+/* siefca@pld.org.pl */
+static struct var_data *get_variable (const char *begin, size_t len,
+  		  	                   struct var_data *vdt)
+{
+struct var_data *vdp;
+
+	if (!begin || !vdt) /* should never happend */
+	{
+		fprintf (stderr, "authmysql: critical error while "
+				 "parsing substitution variable\n");
+		return NULL;
+	}
+	if (len < 1)
+	{
+		fprintf (stderr, "authmysql: unknown empty substitution "
+				 "variable - aborting\n");
+		return NULL;
+	}
+	if (len > MAX_SUBSTITUTION_LEN)
+	{
+		fprintf (stderr, "authmysql: variable name too long "
+				 "while parsing substitution\n"
+				 "authmysql: name begins with "
+				 SV_BEGIN_MARK
+				 "%.*s...\n", MAX_SUBSTITUTION_LEN, begin);
+		return NULL;
+	}
+	
+	for (vdp=vdt; vdp->name; vdp++)
+		if (vdp->size == len+1 &&
+		    !strncmp(begin, vdp->name, len))
+		{
+			if (!vdp->value)
+				vdp->value = "";
+			if (!vdp->value_length)		/* length cache */
+				vdp->value_length = strlen (vdp->value);
+			return vdp;
+		}
+	
+	fprintf (stderr, "authmysql: unknown substitution variable "
+			 SV_BEGIN_MARK
+			 "%.*s"
+			 SV_END_MARK
+			 "\n", len, begin);
+	
+	return NULL;
+}
+
+/* siefca@pld.org.pl */
+static int ParsePlugin_counter (const char *p, size_t length, void *vp)
+{
+	if (!p || !vp || length < 0)
+	{
+		fprintf (stderr, "authmysql: bad arguments while counting "
+				 "query string\n");
+		return -1;
+	}
+	
+	*((size_t *)vp) += length;
+   
+	return 0;
+}
+
+/* siefca@pld.org.pl */
+static int ParsePlugin_builder (const char *p, size_t length, void *vp)
+{
+char	**strptr = (char **) vp;
+
+	if (!p || !vp || length < 0)
+	{
+		fprintf (stderr, "authmysql: bad arguments while building "
+				 "query string\n");
+		return -1;
+	}
+	
+	if (!length) return 0;
+	memcpy ((void *) *strptr, (void *) p, length);
+	*strptr += length;
+	
+	return 0;
+}
+
+/* siefca@pld.org.pl */
+static int parse_core  (const char *source, struct var_data *vdt,
+			parsefunc outfn, void *result)
+{
+int	ret;
+size_t	v_size		= 0,
+	t_size		= 0;
+const char	*p, *q, *e,
+		*v_begin, *v_end,
+		*t_begin, *t_end;
+struct var_data	*v_ptr;
+
+	if (!source)
+		source = "";
+	if (!result)
+	{
+		fprintf (stderr, "authmysql: no memory allocated for result"
+				 "while parser core was invoked\n");
+		return -1;
+	}
+	if (!vdt)
+	{
+		fprintf (stderr, "authmysql: no substitution table found "
+				 "while parser core was invoked\n");
+		return -1;
+	}
+	
+	q = source;
+	while ( (p=strstr(q, SV_BEGIN_MARK)) )
+	{
+		e = strstr (p, SV_END_MARK);
+		if (!e)
+		{
+			fprintf (stderr, "authmysql: syntax error in "
+					 "substitution "
+					 "- no closing symbol fould!\n"
+					 "authmysql: bad variable begins with:"
+					 "%.*s...\n", MAX_SUBSTITUTION_LEN, p);
+			return -1;
+		}
+		
+		/*
+		 **
+		 **	     __________sometext$(variable_name)_________
+		 **	 	       |      |  |    	     |	
+		 **	        t_begin' t_end'  `v_begin    `v_end
+		 **
+		  */
+
+		v_begin	= p+SV_BEGIN_LEN; /* variable field ptr		    */
+		v_end	= e-SV_END_LEN;	  /* variable field last character  */
+		v_size	= v_end-v_begin+1;/* variable field length	    */
+		
+		t_begin	= q;		  /* text field ptr		    */
+		t_end	= p-1;		  /* text field last character	    */
+		t_size	= t_end-t_begin+1;/* text field length		    */
+
+		/* work on text */
+		if ( (outfn (t_begin, t_size, result)) == -1 )
+			return -1;
+		
+		/* work on variable */
+		v_ptr = get_variable (v_begin, v_size, vdt);
+		if (!v_ptr) return -1;
+		
+		if ( (outfn (v_ptr->value, v_ptr->value_length, result)) == -1 )
+			return -1;
+		
+		q = e + 1;
+	}
+
+	/* work on last part of text if any */
+	if (*q != '\0')
+		if ( (outfn (q, strlen(q), result)) == -1 )
+			return -1;
+
+	return 0;
+}
+
+/* siefca@pld.org.pl */
+static char *parse_string (const char *source, struct var_data *vdt)
+{
+char	*output_buf	= NULL,
+	*pass_buf	= NULL;
+size_t	buf_size	= 2;
+
+	if (source == NULL || *source == '\0' || 
+	    vdt == NULL    || vdt[0].name == NULL)
+	{
+		fprintf (stderr, "authmysql: source clause is empty "
+				 "- this is critical error\n");
+		return NULL;
+	}
+
+	/* phase 1 - count and validate string */
+	if ( (parse_core (source, vdt, &ParsePlugin_counter, &buf_size)) != 0)
+		return NULL;
+
+	/* phase 2 - allocate memory */
+	output_buf = malloc (buf_size);
+	if (!output_buf)
+	{
+		perror ("malloc");
+		return NULL;
+	}
+	pass_buf = output_buf;
+
+	/* phase 3 - build the output string */
+	if ( (parse_core (source, vdt, &ParsePlugin_builder, &pass_buf)) != 0)
+	{
+		free (output_buf);
+		return NULL;
+	}	
+	*pass_buf = '\0';
+	
+	return output_buf;
+}
+
+/* siefca@pld.org.pl */
+static const char *get_localpart (const char *username)
+{
+size_t		lbuf	= 0;
+const char	*l_end, *p;
+char		*q;
+static char	localpart_buf[130];
+	
+	if (!username || *username == '\0')	return NULL;
+	
+	p = strchr(username,'@');
+	if (p)
+	{
+		if ((p-username) > 128)
+			return NULL;
+		l_end = p;
+	}
+	else
+	{
+		if ((lbuf = strlen(username)) > 128)
+			return NULL;
+		l_end = username + lbuf;
+	}
+
+	p=username;
+	q=localpart_buf;
+	
+	while (*p && p != l_end)
+		if (*p == '\"' || *p == '\\' ||
+		    *p == '\'' || (int)(unsigned char)*p < ' ')
+			p++;
+		else
+			*q++ = *p++;
+
+	*q = '\0';
+	return localpart_buf;
+}
+
+/* siefca@pld.org.pl */
+static const char *get_domain (const char *username, const char *defdomain)
+{
+static char	domain_buf[260];
+const char	*p;
+char		*q;
+	
+	if (!username || *username == '\0')	return NULL;
+	p = strchr(username,'@');
+	
+	if (!p || *(p+1) == '\0')
+	{
+		if (defdomain && *defdomain)
+			return defdomain;
+		else
+			return NULL;
+	}
+
+	p++;
+	if ((strlen(p)) > 256)
+		return NULL;
+	
+	q = domain_buf;
+	while (*p)
+		if (*p == '\"' || *p == '\\' ||
+	    	    *p == '\'' || (int)(unsigned char)*p < ' ')
+			p++;
+		else
+			*q++ = *p++;
+
+	*q = '\0';
+	return domain_buf;
+}
+
+/* siefca@pld.org.pl */
+static const char *validate_password (const char *password)
+{
+static char	pass_buf[260];
+const char	*p;
+char		*q;
+	
+	if (!password || *password == '\0' || (strlen(password)) > 256)
+		return NULL;
+	
+	p = password;
+	q = pass_buf;
+	
+	while (*p)
+		if (*p == '\"' || *p == '\\' || *p == '\'')
+			*q++ = '\\';
+		else
+			*q++ = *p++;	
+	
+	*q = '\0';
+	return pass_buf;
+}
+
+
+/* siefca@pld.org.pl */
+static char *parse_select_clause (const char *clause, const char *username,
+				  const char *defdomain)
+{
+static struct var_data vd[]={
+	    {"local_part",	NULL,	sizeof("local_part"),	0},
+	    {"domain",		NULL,	sizeof("domain"),	0},
+	    {NULL,		NULL,	0,			0}};
+
+	if (clause == NULL || *clause == '\0' ||
+	    !username || *username == '\0')
+		return NULL;
+	
+	vd[0].value	= get_localpart (username);
+	vd[1].value	= get_domain (username, defdomain);
+	if (!vd[0].value || !vd[1].value)
+		return NULL;
+	
+	return (parse_string (clause, vd));
+}
+
+/* siefca@pld.org.pl */
+static char *parse_chpass_clause (const char *clause, const char *username,
+				  const char *defdomain, const char *newpass,
+				  const char *newpass_crypt)
+{
+static struct var_data vd[]={
+	    {"local_part",	NULL,	sizeof("local_part"),		0},
+	    {"domain",		NULL,	sizeof("domain"),		0},
+	    {"newpass",		NULL, 	sizeof("newpass"),		0},
+	    {"newpass_crypt",	NULL,	sizeof("newpass_crypt"),	0},
+	    {NULL,		NULL,	0,				0}};
+
+	if (clause == NULL || *clause == '\0'		||
+	    !username || *username == '\0'		||
+	    !newpass || *newpass == '\0'		||
+	    !newpass_crypt || *newpass_crypt == '\0')	return NULL;
+
+	vd[0].value	= get_localpart (username);
+	vd[1].value	= get_domain (username, defdomain);
+	vd[2].value	= validate_password (newpass);
+	vd[3].value	= validate_password (newpass_crypt);
+	
+	if (!vd[0].value || !vd[1].value ||
+	    !vd[2].value || !vd[3].value)	return NULL;
+
+	return (parse_string (clause, vd));
+}
+
 struct authmysqluserinfo *auth_mysql_getuserinfo(const char *username)
 {
-const char *user_table;
-const char *defdomain;
+const char *user_table	=NULL;
+const char *defdomain	=NULL;
 char	*querybuf, *p;
 MYSQL_ROW	row;
 MYSQL_RES	*result;
 
-const char *crypt_field, *clear_field, *maildir_field, *home_field,
-	*name_field,
-	*login_field, *uid_field, *gid_field, *quota_field, *where_clause;
+const char  *crypt_field	=NULL, 
+	    *clear_field	=NULL,
+	    *maildir_field	=NULL,
+	    *home_field		=NULL,
+	    *name_field		=NULL,
+	    *login_field	=NULL,
+	    *uid_field		=NULL,
+	    *gid_field		=NULL,
+	    *quota_field	=NULL,
+	    *where_clause	=NULL,
+	    *select_clause	=NULL; /* siefca@pld.org.pl */
 
 static const char query[]=
 	"SELECT %s, %s, %s, %s, %s, %s, %s, %s, %s FROM %s WHERE %s = \"";
@@ -232,79 +608,95 @@
 		free(ui.fullname);
 	memset(&ui, 0, sizeof(ui));
 
-	user_table=read_env("MYSQL_USER_TABLE");
-	defdomain=read_env("DEFAULT_DOMAIN");
-
-	if (!user_table)
+	select_clause=read_env("MYSQL_SELECT_CLAUSE");
+	defdomain=read_env("DEFAULT_DOMAIN");	
+	
+	if (!select_clause) /* siefca@pld.org.pl */
 	{
-		fprintf(stderr, "authmysql: MYSQL_USER_TABLE not set in "
-			AUTHMYSQLRC ".\n");
-		return (0);
-	}
+		user_table=read_env("MYSQL_USER_TABLE");
 
-	crypt_field=read_env("MYSQL_CRYPT_PWFIELD");
-	clear_field=read_env("MYSQL_CLEAR_PWFIELD");
-	name_field=read_env("MYSQL_NAME_FIELD");
+		if (!user_table)
+		{
+			fprintf(stderr, "authmysql: MYSQL_USER_TABLE not set in "
+				AUTHMYSQLRC ".\n");
+			return (0);
+		}
 
-	if (!crypt_field && !clear_field)
-	{
-		fprintf(stderr,
-			"authmysql: MYSQL_CRYPT_PWFIELD and "
-			"MYSQL_CLEAR_PWFIELD not set in " AUTHMYSQLRC ".\n");
-		return (0);
-	}
-	if (!crypt_field) crypt_field="\"\"";
-	if (!clear_field) clear_field="\"\"";
-	if (!name_field) name_field="\"\"";
+		crypt_field=read_env("MYSQL_CRYPT_PWFIELD");
+		clear_field=read_env("MYSQL_CLEAR_PWFIELD");
+		name_field=read_env("MYSQL_NAME_FIELD");
+
+		if (!crypt_field && !clear_field)
+		{
+			fprintf(stderr,
+				"authmysql: MYSQL_CRYPT_PWFIELD and "
+				"MYSQL_CLEAR_PWFIELD not set in " AUTHMYSQLRC ".\n");
+			return (0);
+		}
+		if (!crypt_field) crypt_field="\"\"";
+		if (!clear_field) clear_field="\"\"";
+		if (!name_field) name_field="\"\"";
 
-	uid_field = read_env("MYSQL_UID_FIELD");
-	if (!uid_field) uid_field = "uid";
+		uid_field = read_env("MYSQL_UID_FIELD");
+		if (!uid_field) uid_field = "uid";
 
-	gid_field = read_env("MYSQL_GID_FIELD");
-	if (!gid_field) gid_field = "gid";
+		gid_field = read_env("MYSQL_GID_FIELD");
+		if (!gid_field) gid_field = "gid";
 
-	login_field = read_env("MYSQL_LOGIN_FIELD");
-	if (!login_field) login_field = "id";
+		login_field = read_env("MYSQL_LOGIN_FIELD");
+		if (!login_field) login_field = "id";
 
-	home_field = read_env("MYSQL_HOME_FIELD");
-	if (!home_field) home_field = "home";
+		home_field = read_env("MYSQL_HOME_FIELD");
+		if (!home_field) home_field = "home";
 
-	maildir_field=read_env("MYSQL_MAILDIR_FIELD");
-	if (!maildir_field) maildir_field="\"\"";
+		maildir_field=read_env("MYSQL_MAILDIR_FIELD");
+		if (!maildir_field) maildir_field="\"\"";
 
-	quota_field=read_env("MYSQL_QUOTA_FIELD");
-	if (!quota_field) quota_field="\"\""; 
+		quota_field=read_env("MYSQL_QUOTA_FIELD");
+		if (!quota_field) quota_field="\"\""; 
 
-	where_clause=read_env("MYSQL_WHERE_CLAUSE");
-	if (!where_clause) where_clause = "";
+		where_clause=read_env("MYSQL_WHERE_CLAUSE");
+		if (!where_clause) where_clause = "";
+	}
 	
 	if (!defdomain)	defdomain="";
 
-	querybuf=malloc(sizeof(query) + 100 + strlen(user_table) + strlen(defdomain)
-		+ strlen(crypt_field) + strlen(clear_field) + strlen(maildir_field)
-		+ strlen(uid_field) + strlen(gid_field) + 2 * strlen(login_field)
-		+ strlen(home_field) + strlen(quota_field) + strlen(where_clause)
-			+ strlen(name_field));
-	if (!querybuf)
+	if (!select_clause) /* siefca@pld.org.pl */
 	{
-		perror("malloc");
-		return (0);
-	}
+		querybuf=malloc(sizeof(query) + 100 + strlen(user_table) + strlen(defdomain)
+			+ strlen(crypt_field) + strlen(clear_field) + strlen(maildir_field)
+			+ strlen(uid_field) + strlen(gid_field) + 2 * strlen(login_field)
+			+ strlen(home_field) + strlen(quota_field) + strlen(where_clause)
+			+ strlen(name_field));
+
+		if (!querybuf)
+		{
+			perror("malloc");
+			return (0);
+		}
+
+		sprintf(querybuf, query, login_field, crypt_field, clear_field, 
+			uid_field, gid_field, home_field, maildir_field, quota_field,
+			name_field, user_table, login_field);
 
-	sprintf(querybuf, query, login_field, crypt_field, clear_field, 
-		uid_field, gid_field, home_field, maildir_field, quota_field,
-		name_field, user_table, login_field);
-	p=querybuf+strlen(querybuf);
+		p=querybuf+strlen(querybuf);
 
-	append_username(p, username, defdomain);
-	strcat(p, "\"");
+		append_username(p, username, defdomain);
+		strcat(p, "\"");
 	
-	if (strcmp(where_clause, "")) {
-		strcat(p, " AND (");
-		strcat(p, where_clause);
-		strcat(p, ")");
+		if (strcmp(where_clause, "")) {
+			strcat(p, " AND (");
+			strcat(p, where_clause);
+			strcat(p, ")");
+		}
 	}
-	
+	else
+	{
+		/* siefca@pld.org.pl */
+		querybuf=parse_select_clause (select_clause, username, defdomain);
+		if (!querybuf) return 0;
+	}
+
 	if (mysql_query (mysql, querybuf))
 	{
 		/* <o.blasnik@nextra.de> */
@@ -379,12 +771,13 @@
 	const char *comma;
 	int rc=0;
 
-	const char *clear_field;
-	const char *crypt_field;
-	const char *defdomain;
-	const char *where_clause;
-	const char *user_table;
-	const char *login_field;
+	const char  *clear_field	=NULL,
+		    *crypt_field	=NULL,
+		    *defdomain		=NULL,
+		    *where_clause	=NULL,
+		    *user_table		=NULL,
+		    *login_field	=NULL,
+		    *chpass_clause	=NULL; /* siefca@pld.org.pl */
 
 	if (!mysql)
 		return (-1);
@@ -412,21 +805,34 @@
 		++l;
 	}
 
-	login_field = read_env("MYSQL_LOGIN_FIELD");
-	if (!login_field) login_field = "id";
-	crypt_field=read_env("MYSQL_CRYPT_PWFIELD");
-	clear_field=read_env("MYSQL_CLEAR_PWFIELD");
+	/* siefca@pld.org.pl */
+	chpass_clause=read_env("MYSQL_CHPASS_CLAUSE");
 	defdomain=read_env("DEFAULT_DOMAIN");
-	where_clause=read_env("MYSQL_WHERE_CLAUSE");
 	user_table=read_env("MYSQL_USER_TABLE");
-
-	sql_buf=malloc(strlen(crypt_field ? crypt_field:"")
-		       + strlen(clear_field ? clear_field:"")
-		       + strlen(defdomain ? defdomain:"")
-		       + strlen(login_field) + l + strlen(newpass_crypt)
-		       + strlen(user_table)
-		       + strlen(where_clause ? where_clause:"")
-		       + 200);
+	if (!chpass_clause)
+	{
+		login_field = read_env("MYSQL_LOGIN_FIELD");
+		if (!login_field) login_field = "id";
+		crypt_field=read_env("MYSQL_CRYPT_PWFIELD");
+		clear_field=read_env("MYSQL_CLEAR_PWFIELD");
+		where_clause=read_env("MYSQL_WHERE_CLAUSE");
+		sql_buf=malloc(strlen(crypt_field ? crypt_field:"")
+				+ strlen(clear_field ? clear_field:"")
+				+ strlen(defdomain ? defdomain:"")
+				+ strlen(login_field) + l + strlen(newpass_crypt)
+				+ strlen(user_table)
+				+ strlen(where_clause ? where_clause:"")
+				+ 200);
+	}
+	else
+	{
+		sql_buf=parse_chpass_clause(chpass_clause,
+					    user,
+					    defdomain,
+					    pass,
+					    newpass_crypt);
+	}
+	
 
 	if (!sql_buf)
 	{
@@ -434,53 +840,57 @@
 		return (-1);
 	}
 
-	sprintf(sql_buf, "UPDATE %s SET", user_table);
-
-	comma="";
-
-	if (clear_field && *clear_field)
+	if (!chpass_clause) /*siefca@pld.org.pl */
 	{
-		char *q;
+		sprintf(sql_buf, "UPDATE %s SET", user_table);
 
-		strcat(strcat(strcat(sql_buf, " "), clear_field),
-		       "=\"");
+		comma="";
 
-		q=sql_buf+strlen(sql_buf);
-		while (*pass)
+		if (clear_field && *clear_field)
 		{
-			if (*pass == '"' || *pass == '\\')
-				*q++= '\\';
-			*q++ = *pass++;
+			char *q;
+
+			strcat(strcat(strcat(sql_buf, " "), clear_field),
+		    		"=\"");
+
+			q=sql_buf+strlen(sql_buf);
+			while (*pass)
+			{
+				if (*pass == '"' || *pass == '\\')
+					*q++= '\\';
+				*q++ = *pass++;
+			}
+			strcpy(q, "\"");
+			comma=", ";
 		}
-		strcpy(q, "\"");
-		comma=", ";
-	}
 
-	if (crypt_field && *crypt_field)
-	{
-		strcat(strcat(strcat(strcat(strcat(strcat(sql_buf, comma),
-						   " "),
-					    crypt_field),
-				     "=\""),
-			      newpass_crypt_ptr),
-		       "\"");
-	}
-	free(newpass_crypt);
+		if (crypt_field && *crypt_field)
+		{
+			strcat(strcat(strcat(strcat(strcat(strcat(sql_buf, comma),
+							   " "),
+						    crypt_field),
+					     "=\""),
+			    	newpass_crypt_ptr),
+		    	     "\"");
+		}
+		free(newpass_crypt);
 
-	strcat(strcat(strcat(sql_buf, " WHERE "),
-		      login_field),
-	       "=\"");
+		strcat(strcat(strcat(sql_buf, " WHERE "),
+			      login_field),
+	    	    "=\"");
 
-	append_username(sql_buf+strlen(sql_buf), user, defdomain);
+		append_username(sql_buf+strlen(sql_buf), user, defdomain);
 
-	strcat(sql_buf, "\"");
+		strcat(sql_buf, "\"");
 
-	if (where_clause && *where_clause)
-	{
-		strcat(sql_buf, " AND (");
-		strcat(sql_buf, where_clause);
-		strcat(sql_buf, ")");
-	}
+		if (where_clause && *where_clause)
+		{
+			strcat(sql_buf, " AND (");
+			strcat(sql_buf, where_clause);
+			strcat(sql_buf, ")");
+		}
+		
+	} /* end of: if (!chpass_clause) */
 
 	if (mysql_query (mysql, sql_buf))
 	{
diff -Nur courier-imap-1.3.12.orig/authlib/authmysqlrc courier-imap-1.3.12/authlib/authmysqlrc
--- courier-imap-1.3.12.orig/authlib/authmysqlrc	Sun Oct  7 18:32:56 2001
+++ courier-imap-1.3.12/authlib/authmysqlrc	Fri Dec 28 02:08:01 2001
@@ -141,4 +141,65 @@
 #
 # MYSQL_WHERE_CLAUSE	server='mailhost.example.com'
 
-
+##NAME: MYSQL_SELECT_CLAUSE:0
+#
+# (EXPERIMENTAL)
+# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database,
+# which is structuraly different from proposed. The fixed string will
+# be used to do a SELECT operation on database, which should return fields
+# in order specified bellow:
+#
+# username, cryptpw, uid, gid, clearpw, home, maildir, quota, fullname
+#
+# Enabling this option causes ignorance of any other field-related
+# options, excluding default domain.
+#
+# There are two variables, which you can use. Substitution will be made
+# for them, so you can put entered username (local part) and domain name
+# in the right place of your query. These variables are:
+#	 	$(local_part) and $(domain)
+#
+# If a $(domain) is empty (not given by the remote user) the default domain
+# name is used in its place.
+#
+# This example is a little bit modified adaptation of vmail-sql
+# database scheme:
+#
+# MYSQL_SELECT_CLAUSE	SELECT popbox.local_part,			\
+#			CONCAT('{MD5}', popbox.password_hash),		\
+#			domain.uid,					\
+#			domain.gid,					\
+#			popbox.clearpw,					\
+#			CONCAT(domain.path, '/', popbox.mbox_name),	\
+#			'',						\
+#			domain.quota,					\
+#			'',						\
+#			FROM popbox, domain				\
+#			WHERE popbox.local_part = '$(local_part)'	\
+#			AND popbox.domain_name = '$(domain)'		\
+#			AND popbox.domain_name = domain.domain_name
+#
+##NAME: MYSQL_CHPASS_CLAUSE:0
+#
+# (EXPERIMENTAL)
+# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database,
+# which is structuraly different from proposed. The fixed string will
+# be used to do an UPDATE operation on database. In other words, it is
+# used, when changing password.
+#
+# There are four variables, which you can use. Substitution will be made
+# for them, so you can put entered username (local part) and domain name
+# in the right place of your query. There variables are:
+# 	$(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
+#
+# If a $(domain) is empty (not given by the remote user) the default domain
+# name is used in its place.
+# $(newpass) contains plain password
+# $(newpass_crypt) contains its crypted form
+#
+# MYSQL_CHPASS_CLAUSE	UPDATE	popbox					\
+#			SET	clearpw='$(newpass)',			\
+#				password_hash='$(newpass_crypt)'	\
+#			WHERE	local_part='$(local_part)'		\
+#			AND	domain_name='$(domain)'
+#