author | Sergey Poznyakoff <gray@gnu.org> | 2014-05-18 11:25:40 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org> | 2014-05-18 11:25:40 +0300 |
commit | bc0eeb7706bf5ba3d89f7f5e3563827c3981cc70 (patch) | |
tree | 5ba01fa967b924d32d8520f041f5f73b7d2cd6bc | |
parent | 9087acb001afd6fefa0fe4f2e4fbdcb3ae524e02 (diff) | |
Support for MySQL options file.
* NEWS: Document the use of MySQL options file.
* doc/anubis.texi: Document all anubisusr options.
Describe the use of MySQL options file.
* src/mysql.c (mysql_db_open): Use MySQL options file.
Two new URL parameters: options-file and options-group.
* src/usr.opt: New option --tls-priorities.
-rw-r--r-- | NEWS | 9 | ||||
-rw-r--r-- | doc/anubis.texi | 99 | ||||
-rw-r--r-- | src/mysql.c | 23 | ||||
-rw-r--r-- | src/usr.opt | 7 |
4 files changed, 117 insertions, 21 deletions
@@ -1,2 +1,2 @@ -GNU Anubis NEWS -- history of user-visible changes. 2014-05-16 +GNU Anubis NEWS -- history of user-visible changes. 2014-05-18 Copyright (C) 2001-2014 The Anubis Team. @@ -73,2 +73,9 @@ syslog, using priorities `err' and `warning' correspondingly. +* MySQL options file + +When using MySQL for Anubis user database, the database parameters and +access credentials are read from the file /etc/my.cnf, section +"anubis". Additionally, two URL parameters are provided: +"options-file", which sets the name of the options file, and +"options-group", which sets the name of the group. diff --git a/doc/anubis.texi b/doc/anubis.texi index 2167225..eec5cfc 100644 --- a/doc/anubis.texi +++ b/doc/anubis.texi @@ -611,7 +611,7 @@ differ from the default. The following parameters are defined: -@table @var -@item @var{port}=@var{number} +@table @option +@item port=@var{number} Specifies port number the database server is listening on. -If it is not given, the behavior depends on the value of -@var{socket} parameter (see below). If @var{socket} is not present, the +If it is not given, the behavior depends on the value of the +@option{socket} parameter (see below). If @option{socket} is not present, the program will use the default port number for the given protocol @@ -619,7 +619,7 @@ program will use the default port number for the given protocol -@item @var{socket}=@var{string} +@item socket=@var{string} Specifies the UNIX file name of the socket to connect to. This -parameter cannot be used together with @var{port} (see above). +parameter cannot be used together with @option{port} (see above). -@item @var{bufsize}=@var{number} +@item bufsize=@var{number} Sets length of the buffer for storing SQL queries. Default is @@ -627,3 +627,3 @@ Sets length of the buffer for storing SQL queries. Default is -@item @var{table}=@var{string} +@item table=@var{string} Specifies name of the database table with the authentication 
@@ -631,12 +631,12 @@ data. Default is @samp{users}. -@item @var{authid}=@var{string} -Specifies the name of a column in @var{table} which holds +@item authid=@var{string} +Specifies the name of a column in @option{table} which holds @samp{AUTHID} value. Default is @samp{authid}. -@item @var{passwd}=@var{string} -Specifies the name of a column in @var{table} which holds +@item passwd=@var{string} +Specifies the name of a column in @option{table} which holds the user password. Default is @samp{passwd}. -@item @var{account}=@var{string} -Specifies the name of a column in @var{table} which holds +@item account=@var{string} +Specifies the name of a column in @option{table} which holds the name of system account to be used for this @samp{AUTHID}. Default @@ -644,4 +644,4 @@ is @samp{account}. -@item @var{rcfile}=@var{string} -Specifies the name of a column in @var{table} which holds +@item rcfile=@var{string} +Specifies the name of a column in @option{table} which holds the path to the user's configuration file. Default is @samp{rcfile}. 
@@ -649,3 +649,33 @@ the path to the user's configuration file. Default is @samp{rcfile}. @FIXME{An example, please.} +@end table + +@cindex options file, MySQL +@findex my.cnf +@findex /etc/my.cnf +When using a MySQL database (@samp{mysql://}), database parameters and +access credentials are first read from the file @file{/etc/my.cnf}, if +it exists. This file called @dfn{option file} in @samp{MySQL} parlance +@ifhtml +(see @uref{http://dev.mysql.com/doc/refman/5.0/en/option-files.html, +option files}). +@end ifhtml +@ifnothtml +(@pxref{option-files, Using Option Files,,mysql,MySQL Manual}) +@end ifnothtml +is organized in groups, each group beginning with the group name in +square brackets on a separate line. Within a group, each non-empty +line consists of a MySQL option name, optionally followed by an equal +sign and the value. By default, the values from the @samp{anubis} +group are read. + +Two additional parameters are provided to fine-tune this behavior: +@table @option +@item options-file=@var{file} +Read options from @var{file} instead of @file{/etc/my.cnf}. An +empty value (@samp{options-file=}), disables using the options file. + +@item options-group=@var{name} +Set the name of the group in the MySQL configuration file, from +which to read configuration options. @end table @@ -955,2 +985,11 @@ to set a list of allowed mechanisms. +@item --file=@var{file} +@itemx -f @var{file} +Sets the user configuration file name (default is @file{.anubisrc}). + +@item --netrc+@var{file} +@itemx -n @var{file} +Sets the name of the automatic login configuration file (default is +@file{.netrc}). + @item -v 
@@ -959,3 +998,29 @@ Verbose output. Multiple options increase verbosity. Maximum verbosity level is 3. +@end table + +Options controlling encryption: + +@table @option +@item --disable-tls +@itemx -d +Disable the use of TLS encryption. + +@item --tls-cafile=@var{file} +@itemx -C @var{file} +Sets the name of certificate authority file to use when verifying the +server certificate. +@item --tls-priorities=@var{list} +Sets cipher suite preferences to use. The @var{list} argument may +contain a single initial keyword or be a colon-separated list of TLS +keywords. The description of TLS keywords is well beyond the scope of +this document. Please refer to @ref{Priority Strings,Priority +Strings,,gnutls,GnuTLS Manual}, for a detailed discussion. + +Default priority list is @samp{NORMAL}. +@end table + +Informational options: + +@table @option @item --version @@ -1581,2 +1646,4 @@ this document. Please refer to @ref{Priority Strings,Priority Strings,,gnutls,GnuTLS Manual}, for a detailed discussion. + +Default priority list is @samp{NORMAL}. @end deffn diff --git a/src/mysql.c b/src/mysql.c index 676618a..81ea62c 100644 --- a/src/mysql.c +++ b/src/mysql.c @@ -125,4 +125,4 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, const char *rcfile = anubis_url_get_arg (url, "rcfile"); - const char *portstr = anubis_url_get_arg (url, "port"); - const char *s = anubis_url_get_arg (url, "bufsize"); + const char *s; + char *optfile; int port = 0; @@ -143,2 +143,3 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, + s = anubis_url_get_arg (url, "bufsize"); if (s) @@ -154,6 +155,7 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, - if (portstr) + s = anubis_url_get_arg (url, "port"); + if (s) { char *p; - port = strtoul (portstr, &p, 10); + port = strtoul (s, &p, 10); if (*p) 
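Review bot: `char *optfile;`, added in the declarations hunk of mysql_db_open (`@@ -125,4 +125,4 @@`), is never assigned or read. The diffstat gives 23 changed lines for src/mysql.c and the four hunks shown account for all of them, with the options-file lookup reusing `s` instead. Either drop the declaration, or use it for the options file name so that `s` does not serve as both file name and group argument later on. The function starts and ends outside the hunk.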
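Review bot: `port = strtoul (s, &p, 10);` in the `@@ -154,6 +155,7 @@` hunk stores an unsigned long into `int port` without a range check, and an empty `port=` value passes the `if (*p)` test because no digits are consumed and `*p` is `'\0'`. The commit only renames the variable on this line, but it would be a cheap place to parse into an `unsigned long n` and test `if (*p || p == s || n > 65535)` before assigning. The body of the `if (*p)` branch lies outside the hunk.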
@@ -171,2 +173,15 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, mysql_init (&mdata->mysql); + + s = anubis_url_get_arg (url, "options-file"); + if (!s) { + if (access ("/etc/my.cnf", F_OK) == 0) + s = "/etc/my.cnf"; + } + + if (s && *s) { + mysql_options (&mdata->mysql, MYSQL_READ_DEFAULT_FILE, s); + mysql_options(&mdata->mysql, MYSQL_READ_DEFAULT_GROUP, + s ? s : "anubis"); + } + if (!mysql_real_connect (&mdata->mysql, diff --git a/src/usr.opt b/src/usr.opt index 72ab222..fa9d859 100644 --- a/src/usr.opt +++ b/src/usr.opt @@ -39,2 +39,9 @@ END +OPTION(tls-priorities,,PRIO,Set TLS priorities) +BEGIN +#ifdef HAVE_TLS + secure.prio = optarg; +#endif +END + OPTION(file,f,FILE, |
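Review bot: The second `mysql_options` call in the new block passes `s`, which holds the options file path, as `MYSQL_READ_DEFAULT_GROUP`, and the `options-group` URL parameter announced in the commit message is never read. Because the call sits inside `if (s && *s)`, the `"anubis"` fallback in `s ? s : "anubis"` cannot be reached, so the client would presumably look for a group named after the file path and skip credentials kept under `[anubis]`. Read the parameter first, `const char *grp = anubis_url_get_arg (url, "options-group");`, and pass `grp && *grp ? grp : "anubis"` as the group. Since the options file is now a source of access credentials, it is worth documenting that a file holding them should not be world-readable, which the default `/etc/my.cnf` often is. mysql_db_open starts and ends outside the hunk.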
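Review bot: In a build without `HAVE_TLS`, the new `--tls-priorities` option in src/usr.opt is still accepted and its argument silently discarded, so a user who passes a strict priority list gets no indication that it had no effect. Consider an `#else` branch that reports the option as unsupported, in whatever way the file's other TLS options do (not visible in this hunk). With TLS enabled, `secure.prio = optarg;` stores the string unchecked. Presumably it is validated when the session is set up, which is worth confirming so that a malformed list fails loudly rather than falling back to a default.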