Support for MySQL options file.

* NEWS: Document the use of MySQL options file.
* doc/anubis.texi: Document all anubisusr options.
Describe the use of MySQL options file.
* src/mysql.c (mysql_db_open): Use MySQL options file.
Two new URL parameters: options-file and options-group.
* src/usr.opt: New option --tls-priorities.

4 files changed, 117 insertions, 21 deletions

diff --git a/NEWS b/NEWS
index 7775aea..16f46b2 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,3 @@
-GNU Anubis NEWS -- history of user-visible changes. 2014-05-16
+GNU Anubis NEWS -- history of user-visible changes. 2014-05-18
 Copyright (C) 2001-2014 The Anubis Team.
 
@@ -72,4 +72,11 @@ By default Scheme's standard error and output ports are redirected to
 syslog, using priorities `err' and `warning' correspondingly.
 
+* MySQL options file
+
+When using MySQL for Anubis user database, the database parameters and
+access credentials are read from the file /etc/my.cnf, section
+"anubis".  Additionally, two URL parameters are provided:
+"options-file", which sets the name of the options file, and
+"options-group", which sets the name of the group.
 
 
diff --git a/doc/anubis.texi b/doc/anubis.texi
index 2167225..eec5cfc 100644
--- a/doc/anubis.texi
+++ b/doc/anubis.texi
@@ -610,43 +610,73 @@ default values, so you'll have to specify only those parameters that
 differ from the default. The following parameters are defined:
 
-@table @var
-@item @var{port}=@var{number}
+@table @option
+@item port=@var{number}
 Specifies port number the database server is listening on.
-If it is not given, the behavior depends on the value of
-@var{socket} parameter (see below). If @var{socket} is not present, the
+If it is not given, the behavior depends on the value of the
+@option{socket} parameter (see below). If @option{socket} is not present, the
 program will use the default port number for the given protocol
 (i.e. 3306 for @samp{mysql} and 5432 for @samp{pgsql}.
 
-@item @var{socket}=@var{string}
+@item socket=@var{string}
 Specifies the UNIX file name of the socket to connect to. This
-parameter cannot be used together with @var{port} (see above).
+parameter cannot be used together with @option{port} (see above).
 
-@item @var{bufsize}=@var{number}
+@item bufsize=@var{number}
 Sets length of the buffer for storing SQL queries. Default is
 1024 bytes.
 
-@item @var{table}=@var{string}
+@item table=@var{string}
 Specifies name of the database table with the authentication
 data. Default is @samp{users}.
 
-@item @var{authid}=@var{string}
-Specifies the name of a column in @var{table} which holds 
+@item authid=@var{string}
+Specifies the name of a column in @option{table} which holds 
 @samp{AUTHID} value. Default is @samp{authid}.
 
-@item @var{passwd}=@var{string}
-Specifies the name of a column in @var{table} which holds 
+@item passwd=@var{string}
+Specifies the name of a column in @option{table} which holds 
 the user password. Default is @samp{passwd}.
 
-@item @var{account}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item account=@var{string}
+Specifies the name of a column in @option{table} which holds
 the name of system account to be used for this @samp{AUTHID}. Default
 is @samp{account}.
 
-@item @var{rcfile}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item rcfile=@var{string}
+Specifies the name of a column in @option{table} which holds
 the path to the user's configuration file. Default is @samp{rcfile}.
 
 @FIXME{An example, please.}
+@end table
+
+@cindex options file, MySQL
+@findex my.cnf
+@findex /etc/my.cnf
+When using a MySQL database (@samp{mysql://}), database parameters and
+access credentials are first read from the file @file{/etc/my.cnf}, if
+it exists.  This file called @dfn{option file} in @samp{MySQL} parlance
+@ifhtml
+(see @uref{http://dev.mysql.com/doc/refman/5.0/en/option-files.html,
+option files}).
+@end ifhtml
+@ifnothtml
+(@pxref{option-files, Using Option Files,,mysql,MySQL Manual})
+@end ifnothtml
+is organized in groups, each group beginning with the group name in
+square brackets on a separate line.  Within a group, each non-empty
+line consists of a MySQL option name, optionally followed by an equal
+sign and the value.  By default, the values from the @samp{anubis}
+group are read.
+
+Two additional parameters are provided to fine-tune this behavior:
 
+@table @option
+@item options-file=@var{file}
+Read options from @var{file} instead of @file{/etc/my.cnf}.  An
+empty value (@samp{options-file=}), disables using the options file.
+
+@item options-group=@var{name}
+Set the name of the group in the MySQL configuration file, from
+which to read configuration options.     
 @end table
 
@@ -954,9 +984,44 @@ Use the SASL mechanism @var{mech}. Give this option several times
 to set a list of allowed mechanisms.
 
+@item --file=@var{file}
+@itemx -f @var{file}
+Sets the user configuration file name (default is @file{.anubisrc}).
+
+@item --netrc+@var{file}
+@itemx -n @var{file}
+Sets the name of the automatic login configuration file (default is
+@file{.netrc}).
+
 @item -v
 @itemx --verbose
 Verbose output. Multiple options increase verbosity. Maximum verbosity
 level is 3.
+@end table
+
+Options controlling encryption:
+  
+@table @option  
+@item --disable-tls
+@itemx -d
+Disable the use of TLS encryption.
+
+@item --tls-cafile=@var{file}
+@itemx -C @var{file}
+Sets the name of certificate authority file to use when verifying the
+server certificate.
 
+@item --tls-priorities=@var{list}
+Sets cipher suite preferences to use.  The @var{list} argument may
+contain a single initial keyword or be a colon-separated list of TLS
+keywords.  The description of TLS keywords is well beyond the scope of
+this document.  Please refer to @ref{Priority Strings,Priority
+Strings,,gnutls,GnuTLS Manual}, for a detailed discussion.
+
+Default priority list is @samp{NORMAL}.
+@end table
+  
+Informational options:  
+
+@table @option
 @item --version
 Display program version number and exit.
@@ -1580,4 +1645,6 @@ keywords.  The description of TLS keywords is well beyond the scope of
 this document.  Please refer to @ref{Priority Strings,Priority
 Strings,,gnutls,GnuTLS Manual}, for a detailed discussion.
+
+Default priority list is @samp{NORMAL}.
 @end deffn
 
diff --git a/src/mysql.c b/src/mysql.c
index 676618a..81ea62c 100644
--- a/src/mysql.c
+++ b/src/mysql.c
@@ -124,6 +124,6 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
   const char *user = anubis_url_get_arg (url, "account");
   const char *rcfile = anubis_url_get_arg (url, "rcfile");
-  const char *portstr = anubis_url_get_arg (url, "port");
-  const char *s = anubis_url_get_arg (url, "bufsize");
+  const char *s;
+  char *optfile;
   int port = 0;
   size_t bufsize = 1024;
@@ -142,4 +142,5 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
     rcfile = "rcfile";
 
+  s = anubis_url_get_arg (url, "bufsize");
   if (s)
     {
@@ -153,8 +154,9 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
     }
 
-  if (portstr)
+  s = anubis_url_get_arg (url, "port");
+  if (s)
     {
       char *p;
-      port = strtoul (portstr, &p, 10);
+      port = strtoul (s, &p, 10);
       if (*p)
 	{
@@ -170,4 +172,17 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
   amp->data = mdata;
   mysql_init (&mdata->mysql);
+
+  s = anubis_url_get_arg (url, "options-file");
+  if (!s) {
+	  if (access ("/etc/my.cnf", F_OK) == 0)
+		  s = "/etc/my.cnf";
+  }
+  
+  if (s && *s) {
+	  mysql_options (&mdata->mysql, MYSQL_READ_DEFAULT_FILE, s);
+	  mysql_options(&mdata->mysql, MYSQL_READ_DEFAULT_GROUP,
+			s ? s : "anubis");
+  }
+  
   if (!mysql_real_connect (&mdata->mysql,
 			   url->host, url->user, url->passwd,
diff --git a/src/usr.opt b/src/usr.opt
index 72ab222..fa9d859 100644
--- a/src/usr.opt
+++ b/src/usr.opt
@@ -38,4 +38,11 @@ BEGIN
 END
 
+OPTION(tls-priorities,,PRIO,Set TLS priorities)
+BEGIN
+#ifdef HAVE_TLS
+       secure.prio = optarg;
+#endif
+END
+
 OPTION(file,f,FILE,
        Set user configuration file name.)