summaryrefslogtreecommitdiffabout
authorSergey Poznyakoff <gray@gnu.org>2014-05-18 08:25:40 (GMT)
committer Sergey Poznyakoff <gray@gnu.org>2014-05-18 08:25:40 (GMT)
commitbc0eeb7706bf5ba3d89f7f5e3563827c3981cc70 (patch) (side-by-side diff)
tree5ba01fa967b924d32d8520f041f5f73b7d2cd6bc
parent9087acb001afd6fefa0fe4f2e4fbdcb3ae524e02 (diff)
downloadanubis-bc0eeb7706bf5ba3d89f7f5e3563827c3981cc70.tar.gz
anubis-bc0eeb7706bf5ba3d89f7f5e3563827c3981cc70.tar.bz2
Support for MySQL options file.
* NEWS: Document the use of MySQL options file. * doc/anubis.texi: Document all anubisusr options. Describe the use of MySQL options file. * src/mysql.c (mysql_db_open): Use MySQL options file. Two new URL parameters: options-file and options-group. * src/usr.opt: New option --tls-priorities.
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--NEWS9
-rw-r--r--doc/anubis.texi99
-rw-r--r--src/mysql.c23
-rw-r--r--src/usr.opt7
4 files changed, 117 insertions, 21 deletions
diff --git a/NEWS b/NEWS
index 7775aea..16f46b2 100644
--- a/NEWS
+++ b/NEWS
@@ -1,7 +1,7 @@
-GNU Anubis NEWS -- history of user-visible changes. 2014-05-16
+GNU Anubis NEWS -- history of user-visible changes. 2014-05-18
Copyright (C) 2001-2014 The Anubis Team.
See the end of file for copying conditions.
Please send your bug reports to <bug-anubis@gnu.org>.
@@ -68,12 +68,19 @@ END
* Guile output
By default Scheme's standard error and output ports are redirected to
syslog, using priorities `err' and `warning' correspondingly.
+* MySQL options file
+
+When using MySQL for Anubis user database, the database parameters and
+access credentials are read from the file /etc/my.cnf, section
+"anubis". Additionally, two URL parameters are provided:
+"options-file", which sets the name of the options file, and
+"options-group", which sets the name of the group.
* Version 4.1.1, 2008-12-20
** Automatic correction of MAIL and RCPT SMTP commands.
diff --git a/doc/anubis.texi b/doc/anubis.texi
index 2167225..eec5cfc 100644
--- a/doc/anubis.texi
+++ b/doc/anubis.texi
@@ -606,51 +606,81 @@ The database name is specified by the @var{dbname} element.
Any further details needed for connecting to the database are
given by @acronym{URL} parameters. All of them have reasonable
default values, so you'll have to specify only those parameters that
differ from the default. The following parameters are defined:
-@table @var
-@item @var{port}=@var{number}
+@table @option
+@item port=@var{number}
Specifies port number the database server is listening on.
-If it is not given, the behavior depends on the value of
-@var{socket} parameter (see below). If @var{socket} is not present, the
+If it is not given, the behavior depends on the value of the
+@option{socket} parameter (see below). If @option{socket} is not present, the
program will use the default port number for the given protocol
(i.e. 3306 for @samp{mysql} and 5432 for @samp{pgsql}.
-@item @var{socket}=@var{string}
+@item socket=@var{string}
Specifies the UNIX file name of the socket to connect to. This
-parameter cannot be used together with @var{port} (see above).
+parameter cannot be used together with @option{port} (see above).
-@item @var{bufsize}=@var{number}
+@item bufsize=@var{number}
Sets length of the buffer for storing SQL queries. Default is
1024 bytes.
-@item @var{table}=@var{string}
+@item table=@var{string}
Specifies name of the database table with the authentication
data. Default is @samp{users}.
-@item @var{authid}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item authid=@var{string}
+Specifies the name of a column in @option{table} which holds
@samp{AUTHID} value. Default is @samp{authid}.
-@item @var{passwd}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item passwd=@var{string}
+Specifies the name of a column in @option{table} which holds
the user password. Default is @samp{passwd}.
-@item @var{account}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item account=@var{string}
+Specifies the name of a column in @option{table} which holds
the name of system account to be used for this @samp{AUTHID}. Default
is @samp{account}.
-@item @var{rcfile}=@var{string}
-Specifies the name of a column in @var{table} which holds
+@item rcfile=@var{string}
+Specifies the name of a column in @option{table} which holds
the path to the user's configuration file. Default is @samp{rcfile}.
@FIXME{An example, please.}
+@end table
+
+@cindex options file, MySQL
+@findex my.cnf
+@findex /etc/my.cnf
+When using a MySQL database (@samp{mysql://}), database parameters and
+access credentials are first read from the file @file{/etc/my.cnf}, if
+it exists. This file called @dfn{option file} in @samp{MySQL} parlance
+@ifhtml
+(see @uref{http://dev.mysql.com/doc/refman/5.0/en/option-files.html,
+option files}).
+@end ifhtml
+@ifnothtml
+(@pxref{option-files, Using Option Files,,mysql,MySQL Manual})
+@end ifnothtml
+is organized in groups, each group beginning with the group name in
+square brackets on a separate line. Within a group, each non-empty
+line consists of a MySQL option name, optionally followed by an equal
+sign and the value. By default, the values from the @samp{anubis}
+group are read.
+
+Two additional parameters are provided to fine-tune this behavior:
+@table @option
+@item options-file=@var{file}
+Read options from @var{file} instead of @file{/etc/my.cnf}. An
+empty value (@samp{options-file=}), disables using the options file.
+
+@item options-group=@var{name}
+Set the name of the group in the MySQL configuration file, from
+which to read configuration options.
@end table
@node Managing the Database
@section Managing the Database
Managing the user database is a complex task, which looks differently
@@ -950,17 +980,52 @@ found, it will prompt you to supply them.
@table @option
@item -m @var{mech}
@itemx --mechanism @var{mech}
Use the SASL mechanism @var{mech}. Give this option several times
to set a list of allowed mechanisms.
+@item --file=@var{file}
+@itemx -f @var{file}
+Sets the user configuration file name (default is @file{.anubisrc}).
+
+@item --netrc+@var{file}
+@itemx -n @var{file}
+Sets the name of the automatic login configuration file (default is
+@file{.netrc}).
+
@item -v
@itemx --verbose
Verbose output. Multiple options increase verbosity. Maximum verbosity
level is 3.
+@end table
+
+Options controlling encryption:
+
+@table @option
+@item --disable-tls
+@itemx -d
+Disable the use of TLS encryption.
+
+@item --tls-cafile=@var{file}
+@itemx -C @var{file}
+Sets the name of certificate authority file to use when verifying the
+server certificate.
+@item --tls-priorities=@var{list}
+Sets cipher suite preferences to use. The @var{list} argument may
+contain a single initial keyword or be a colon-separated list of TLS
+keywords. The description of TLS keywords is well beyond the scope of
+this document. Please refer to @ref{Priority Strings,Priority
+Strings,,gnutls,GnuTLS Manual}, for a detailed discussion.
+
+Default priority list is @samp{NORMAL}.
+@end table
+
+Informational options:
+
+@table @option
@item --version
Display program version number and exit.
@item --help
Display short usage summary and exit.
@end table
@@ -1576,12 +1641,14 @@ this option does not require setting the @samp{ssl-key} and
@deffn Option ssl-priorities @var{list}
Sets cipher suite preferences to use. The @var{list} argument may
contain a single initial keyword or be a colon-separated list of TLS
keywords. The description of TLS keywords is well beyond the scope of
this document. Please refer to @ref{Priority Strings,Priority
Strings,,gnutls,GnuTLS Manual}, for a detailed discussion.
+
+Default priority list is @samp{NORMAL}.
@end deffn
@deffn Option ssl-cert @var{file-name}
Specify the certificate for the @acronym{TLS/SSL} encryption.
Default for @var{file-name} is @file{anubis.pem}.
diff --git a/src/mysql.c b/src/mysql.c
index 676618a..81ea62c 100644
--- a/src/mysql.c
+++ b/src/mysql.c
@@ -120,14 +120,14 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
struct anubis_sql_db *amp = NULL;
const char *table = anubis_url_get_arg (url, "table");
const char *authid = anubis_url_get_arg (url, "authid");
const char *passwd = anubis_url_get_arg (url, "passwd");
const char *user = anubis_url_get_arg (url, "account");
const char *rcfile = anubis_url_get_arg (url, "rcfile");
- const char *portstr = anubis_url_get_arg (url, "port");
- const char *s = anubis_url_get_arg (url, "bufsize");
+ const char *s;
+ char *optfile;
int port = 0;
size_t bufsize = 1024;
struct mysql_db_data *mdata;
/* Provide reasonable defaults */
if (!table)
@@ -138,27 +138,29 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
passwd = "passwd";
if (!user)
user = "account";
if (!rcfile)
rcfile = "rcfile";
+ s = anubis_url_get_arg (url, "bufsize");
if (s)
{
char *p;
bufsize = strtoul (s, &p, 10);
if (*p)
{
*errp = sql_open_error_text (ERR_BADBUFSIZE);
return ANUBIS_DB_FAIL;
}
}
- if (portstr)
+ s = anubis_url_get_arg (url, "port");
+ if (s)
{
char *p;
- port = strtoul (portstr, &p, 10);
+ port = strtoul (s, &p, 10);
if (*p)
{
*errp = sql_open_error_text (ERR_BADPORT);
return ANUBIS_DB_FAIL;
}
}
@@ -166,12 +168,25 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode,
amp = xzalloc (sizeof (*amp));
amp->buf = xmalloc (bufsize);
amp->bufsize = bufsize;
mdata = xmalloc (sizeof (*mdata));
amp->data = mdata;
mysql_init (&mdata->mysql);
+
+ s = anubis_url_get_arg (url, "options-file");
+ if (!s) {
+ if (access ("/etc/my.cnf", F_OK) == 0)
+ s = "/etc/my.cnf";
+ }
+
+ if (s && *s) {
+ mysql_options (&mdata->mysql, MYSQL_READ_DEFAULT_FILE, s);
+ mysql_options(&mdata->mysql, MYSQL_READ_DEFAULT_GROUP,
+ s ? s : "anubis");
+ }
+
if (!mysql_real_connect (&mdata->mysql,
url->host, url->user, url->passwd,
url->path, port,
anubis_url_get_arg (url, "socket"), 0))
{
free (amp->data);
diff --git a/src/usr.opt b/src/usr.opt
index 72ab222..fa9d859 100644
--- a/src/usr.opt
+++ b/src/usr.opt
@@ -34,12 +34,19 @@ OPTION(tls-cafile,C,FILE,
BEGIN
#ifdef HAVE_TLS
secure.cafile = optarg;
#endif
END
+OPTION(tls-priorities,,PRIO,Set TLS priorities)
+BEGIN
+#ifdef HAVE_TLS
+ secure.prio = optarg;
+#endif
+END
+
OPTION(file,f,FILE,
Set user configuration file name.)
BEGIN
rcfile_name = optarg;
END

Return to:

Send suggestions and report system problems to the System administrator.