enable_cproxy = true;
enable_explain = false;
explain_doc = 0;
+ cqlt = 0;
}
yf::Zoom::Backend::~Backend()
}
}
+std::string escape_cql_term(std::string inp)
+{
+ std::string res;
+ size_t l = inp.length();
+ size_t i;
+ for (i = 0; i < l; i++)
+ {
+ if (strchr("*?^\"", inp[i]))
+ res += "\\";
+ res += inp[i];
+ }
+ return res;
+}
+
void yf::Zoom::Frontend::auth(mp::Package &package, Z_InitRequest *req,
int *error, char **addinfo, ODR odr)
{
yaz_log(YLOG_LOG, "IP=%s", ip.c_str());
std::string torus_query;
+ int failure_code;
if (user.length() && password.length())
{
- torus_query = "userName==" + user + " and password==" + password;
+ torus_query = "userName==\"" + escape_cql_term(user) +
+ "\" and password==\"" + escape_cql_term(password) + "\"";
+ failure_code = YAZ_BIB1_INIT_AC_BAD_USERID_AND_OR_PASSWORD;
}
else
{
ip_cstr = cp + 1;
torus_query = "ip encloses/net.ipaddress \"";
- torus_query += ip_cstr;
+ torus_query += escape_cql_term(std::string(ip_cstr));
torus_query += "\"";
+ failure_code = YAZ_BIB1_INIT_AC_BLOCKED_NETWORK_ADDRESS;
}
std::string dummy_db;
torus_query, dummy_realm, m_p->proxy);
if (!doc)
{
- *error = YAZ_BIB1_UNSPECIFIED_ERROR;
+ // something fundamental broken in lookup.
+ *error = YAZ_BIB1_TEMPORARY_SYSTEM_ERROR;
*addinfo = odr_strdup(odr, "Torus server unavailable or "
"incorrectly configured");
return;
}
if (!ptr)
{
- *error = YAZ_BIB1_INIT_AC_BAD_USERID_AND_OR_PASSWORD;
+ *error = failure_code;
return;
}
session_realm = mp::xml::get_text(ptr);