summaryrefslogtreecommitdiffabout
authorSergey Poznyakoff <gray@gnu.org>2014-05-18 08:25:40 (GMT)
committer Sergey Poznyakoff <gray@gnu.org>2014-05-18 08:25:40 (GMT)
commitbc0eeb7706bf5ba3d89f7f5e3563827c3981cc70 (patch) (side-by-side diff)
tree5ba01fa967b924d32d8520f041f5f73b7d2cd6bc
parent9087acb001afd6fefa0fe4f2e4fbdcb3ae524e02 (diff)
downloadanubis-bc0eeb7706bf5ba3d89f7f5e3563827c3981cc70.tar.gz
anubis-bc0eeb7706bf5ba3d89f7f5e3563827c3981cc70.tar.bz2
Support for MySQL options file.
* NEWS: Document the use of MySQL options file. * doc/anubis.texi: Document all anubisusr options. Describe the use of MySQL options file. * src/mysql.c (mysql_db_open): Use MySQL options file. Two new URL parameters: options-file and options-group. * src/usr.opt: New option --tls-priorities.
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--NEWS9
-rw-r--r--doc/anubis.texi99
-rw-r--r--src/mysql.c23
-rw-r--r--src/usr.opt7
4 files changed, 117 insertions, 21 deletions
diff --git a/NEWS b/NEWS
index 7775aea..16f46b2 100644
--- a/NEWS
+++ b/NEWS
@@ -1,2 +1,2 @@
-GNU Anubis NEWS -- history of user-visible changes. 2014-05-16
+GNU Anubis NEWS -- history of user-visible changes. 2014-05-18
Copyright (C) 2001-2014 The Anubis Team.
@@ -73,2 +73,9 @@ syslog, using priorities `err' and `warning' correspondingly.
+* MySQL options file
+
+When using MySQL for Anubis user database, the database parameters and
+access credentials are read from the file /etc/my.cnf, section
+"anubis". Additionally, two URL parameters are provided:
+"options-file", which sets the name of the options file, and
+"options-group", which sets the name of the group.
diff --git a/doc/anubis.texi b/doc/anubis.texi
index 2167225..eec5cfc 100644
--- a/doc/anubis.texi
+++ b/doc/anubis.texi
@@ -611,7 +611,7 @@ differ from the default. The following parameters are defined:
-@table @var
-@item @var{port}=@var{number}
+@table @option
+@item port=@var{number}
Specifies port number the database server is listening on.
-If it is not given, the behavior depends on the value of
-@var{socket} parameter (see below). If @var{socket} is not present, the
+If it is not given, the behavior depends on the value of the
+@option{socket} parameter (see below). If @option{socket} is not present, the
program will use the default port number for the given protocol
@@ -619,7 +619,7 @@ program will use the default port number for the given protocol
-@item @var{socket}=@var{string}
+@item socket=@var{string}
Specifies the UNIX file name of the socket to connect to. This
-parameter cannot be used together with @var{port} (see above).
+parameter cannot be used together with @option{port} (see above).
-@item @var{bufsize}=@var{number}
+@item bufsize=@var{number}
Sets length of the buffer for storing SQL queries. Default is
@@ -627,3 +627,3 @@ Sets length of the buffer for storing SQL queries. Default is
-@item @var{table}=@var{string}
+@item table=@var{string}
Specifies name of the database table with the authentication
@@ -631,12 +631,12 @@ data. Default is @samp{users}.
-@item @var{authid}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item authid=@var{string}
+Specifies the name of a column in @option{table} which holds
@samp{AUTHID} value. Default is @samp{authid}.
-@item @var{passwd}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item passwd=@var{string}
+Specifies the name of a column in @option{table} which holds
the user password. Default is @samp{passwd}.
-@item @var{account}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item account=@var{string}
+Specifies the name of a column in @option{table} which holds
the name of system account to be used for this @samp{AUTHID}. Default
@@ -644,4 +644,4 @@ is @samp{account}.
-@item @var{rcfile}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item rcfile=@var{string}
+Specifies the name of a column in @option{table} which holds
the path to the user's configuration file. Default is @samp{rcfile}.
@@ -649,3 +649,33 @@ the path to the user's configuration file. Default is @samp{rcfile}.
@FIXME{An example, please.}
+@end table
+
+@cindex options file, MySQL
+@findex my.cnf
+@findex /etc/my.cnf
+When using a MySQL database (@samp{mysql://}), database parameters and
+access credentials are first read from the file @file{/etc/my.cnf}, if
+it exists. This file called @dfn{option file} in @samp{MySQL} parlance
+@ifhtml
+(see @uref{http://dev.mysql.com/doc/refman/5.0/en/option-files.html,
+option files}).
+@end ifhtml
+@ifnothtml
+(@pxref{option-files, Using Option Files,,mysql,MySQL Manual})
+@end ifnothtml
+is organized in groups, each group beginning with the group name in
+square brackets on a separate line. Within a group, each non-empty
+line consists of a MySQL option name, optionally followed by an equal
+sign and the value. By default, the values from the @samp{anubis}
+group are read.
+
+Two additional parameters are provided to fine-tune this behavior:
+@table @option
+@item options-file=@var{file}
+Read options from @var{file} instead of @file{/etc/my.cnf}. An
+empty value (@samp{options-file=}), disables using the options file.
+
+@item options-group=@var{name}
+Set the name of the group in the MySQL configuration file, from
+which to read configuration options.
@end table
@@ -955,2 +985,11 @@ to set a list of allowed mechanisms.
+@item --file=@var{file}
+@itemx -f @var{file}
+Sets the user configuration file name (default is @file{.anubisrc}).
+
+@item --netrc+@var{file}
+@itemx -n @var{file}
+Sets the name of the automatic login configuration file (default is
+@file{.netrc}).
+
@item -v
@@ -959,3 +998,29 @@ Verbose output. Multiple options increase verbosity. Maximum verbosity
level is 3.
+@end table
+
+Options controlling encryption:
+
+@table @option
+@item --disable-tls
+@itemx -d
+Disable the use of TLS encryption.
+
+@item --tls-cafile=@var{file}
+@itemx -C @var{file}
+Sets the name of certificate authority file to use when verifying the
+server certificate.
+@item --tls-priorities=@var{list}
+Sets cipher suite preferences to use. The @var{list} argument may
+contain a single initial keyword or be a colon-separated list of TLS
+keywords. The description of TLS keywords is well beyond the scope of
+this document. Please refer to @ref{Priority Strings,Priority
+Strings,,gnutls,GnuTLS Manual}, for a detailed discussion.
+
+Default priority list is @samp{NORMAL}.
+@end table
+
+Informational options:
+
+@table @option
@item --version
@@ -1581,2 +1646,4 @@ this document. Please refer to @ref{Priority Strings,Priority
Strings,,gnutls,GnuTLS Manual}, for a detailed discussion.
+
+Default priority list is @samp{NORMAL}.
@end deffn
diff --git a/src/mysql.c b/src/mysql.c
index 676618a..81ea62c 100644
--- a/src/mysql.c
+++ b/src/mysql.c
@@ -125,4 +125,4 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
const char *rcfile = anubis_url_get_arg (url, "rcfile");
- const char *portstr = anubis_url_get_arg (url, "port");
- const char *s = anubis_url_get_arg (url, "bufsize");
+ const char *s;
+ char *optfile;
int port = 0;
@@ -143,2 +143,3 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
+ s = anubis_url_get_arg (url, "bufsize");
if (s)
@@ -154,6 +155,7 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
- if (portstr)
+ s = anubis_url_get_arg (url, "port");
+ if (s)
{
char *p;
- port = strtoul (portstr, &p, 10);
+ port = strtoul (s, &p, 10);
if (*p)
@@ -171,2 +173,15 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
mysql_init (&mdata->mysql);
+
+ s = anubis_url_get_arg (url, "options-file");
+ if (!s) {
+ if (access ("/etc/my.cnf", F_OK) == 0)
+ s = "/etc/my.cnf";
+ }
+
+ if (s && *s) {
+ mysql_options (&mdata->mysql, MYSQL_READ_DEFAULT_FILE, s);
+ mysql_options(&mdata->mysql, MYSQL_READ_DEFAULT_GROUP,
+ s ? s : "anubis");
+ }
+
if (!mysql_real_connect (&mdata->mysql,
diff --git a/src/usr.opt b/src/usr.opt
index 72ab222..fa9d859 100644
--- a/src/usr.opt
+++ b/src/usr.opt
@@ -39,2 +39,9 @@ END
+OPTION(tls-priorities,,PRIO,Set TLS priorities)
+BEGIN
+#ifdef HAVE_TLS
+ secure.prio = optarg;
+#endif
+END
+
OPTION(file,f,FILE,

Return to:

Send suggestions and report system problems to the System administrator.