Hi, On Tue, May 04, 2010 at 12:20:15PM +0200, Chris Wilson wrote: > Hi Mark, > > > This is fn_mail_user_get_active_smtp: > > > > CREATE FUNCTION fn_mail_user_get_active_smtp(character varying) RETURNS > > SETOF users > > LANGUAGE plpgsql > > AS $_$ > > > > DECLARE > > > > in_email ALIAS for $1; > > usercheck users%ROWTYPE; > > > > BEGIN > > > > SELECT INTO usercheck > > * > > FROM > > users > > WHERE > > userid || '@' || domain = lower(in_email) > > AND > > status IN (1,2) > > AND > > b_isadmin IS FALSE > > ORDER BY > > userid; > > > > RETURN NEXT usercheck; > > END;$_$; > > Do you have a race condition on the usercheck table where two login > attempts are happening simultaneously? How do rows get deleted from this > table? Why don't you use a plain simple SELECT() instead to avoid both > problems?
It's a stored procedure so shouldn't have any race condition issues. I've tested again and it is accepting BOTH a blank username and password as successful. We've added in an exception when the user is not found, which causes exim to receive an error and not accept blank username/password. This must be a problem with my Exim configuration though. If 0 row's are returned why isn't the authentication attempt rejected? Regards, Mark > > Cheers, Chris. > -- > _ ___ __ _ > / __/ / ,__(_)_ | Chris Wilson <0000 at qwirx.com> - Cambs UK | > / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer | > \ _/_/_/_//_/___/ | We are GNU-free your mind-and your software | > > -- > ## List details at http://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
