diff options
-rw-r--r-- | NEWS | 9 | ||||
-rw-r--r-- | doc/anubis.texi | 99 | ||||
-rw-r--r-- | src/mysql.c | 23 | ||||
-rw-r--r-- | src/usr.opt | 7 |
4 files changed, 117 insertions, 21 deletions
@@ -1,2 +1,2 @@ | |||
1 | GNU Anubis NEWS -- history of user-visible changes. 2014-05-16 | 1 | GNU Anubis NEWS -- history of user-visible changes. 2014-05-18 |
2 | Copyright (C) 2001-2014 The Anubis Team. | 2 | Copyright (C) 2001-2014 The Anubis Team. |
@@ -73,2 +73,9 @@ syslog, using priorities `err' and `warning' correspondingly. | |||
73 | 73 | ||
74 | * MySQL options file | ||
75 | |||
76 | When using MySQL for Anubis user database, the database parameters and | ||
77 | access credentials are read from the file /etc/my.cnf, section | ||
78 | "anubis". Additionally, two URL parameters are provided: | ||
79 | "options-file", which sets the name of the options file, and | ||
80 | "options-group", which sets the name of the group. | ||
74 | 81 | ||
diff --git a/doc/anubis.texi b/doc/anubis.texi index 2167225..eec5cfc 100644 --- a/doc/anubis.texi +++ b/doc/anubis.texi | |||
@@ -611,7 +611,7 @@ differ from the default. The following parameters are defined: | |||
611 | 611 | ||
612 | @table @var | 612 | @table @option |
613 | @item @var{port}=@var{number} | 613 | @item port=@var{number} |
614 | Specifies port number the database server is listening on. | 614 | Specifies port number the database server is listening on. |
615 | If it is not given, the behavior depends on the value of | 615 | If it is not given, the behavior depends on the value of the |
616 | @var{socket} parameter (see below). If @var{socket} is not present, the | 616 | @option{socket} parameter (see below). If @option{socket} is not present, the |
617 | program will use the default port number for the given protocol | 617 | program will use the default port number for the given protocol |
@@ -619,7 +619,7 @@ program will use the default port number for the given protocol | |||
619 | 619 | ||
620 | @item @var{socket}=@var{string} | 620 | @item socket=@var{string} |
621 | Specifies the UNIX file name of the socket to connect to. This | 621 | Specifies the UNIX file name of the socket to connect to. This |
622 | parameter cannot be used together with @var{port} (see above). | 622 | parameter cannot be used together with @option{port} (see above). |
623 | 623 | ||
624 | @item @var{bufsize}=@var{number} | 624 | @item bufsize=@var{number} |
625 | Sets length of the buffer for storing SQL queries. Default is | 625 | Sets length of the buffer for storing SQL queries. Default is |
@@ -627,3 +627,3 @@ Sets length of the buffer for storing SQL queries. Default is | |||
627 | 627 | ||
628 | @item @var{table}=@var{string} | 628 | @item table=@var{string} |
629 | Specifies name of the database table with the authentication | 629 | Specifies name of the database table with the authentication |
@@ -631,12 +631,12 @@ data. Default is @samp{users}. | |||
631 | 631 | ||
632 | @item @var{authid}=@var{string} | 632 | @item authid=@var{string} |
633 | Specifies the name of a column in @var{table} which holds | 633 | Specifies the name of a column in @option{table} which holds |
634 | @samp{AUTHID} value. Default is @samp{authid}. | 634 | @samp{AUTHID} value. Default is @samp{authid}. |
635 | 635 | ||
636 | @item @var{passwd}=@var{string} | 636 | @item passwd=@var{string} |
637 | Specifies the name of a column in @var{table} which holds | 637 | Specifies the name of a column in @option{table} which holds |
638 | the user password. Default is @samp{passwd}. | 638 | the user password. Default is @samp{passwd}. |
639 | 639 | ||
640 | @item @var{account}=@var{string} | 640 | @item account=@var{string} |
641 | Specifies the name of a column in @var{table} which holds | 641 | Specifies the name of a column in @option{table} which holds |
642 | the name of system account to be used for this @samp{AUTHID}. Default | 642 | the name of system account to be used for this @samp{AUTHID}. Default |
@@ -644,4 +644,4 @@ is @samp{account}. | |||
644 | 644 | ||
645 | @item @var{rcfile}=@var{string} | 645 | @item rcfile=@var{string} |
646 | Specifies the name of a column in @var{table} which holds | 646 | Specifies the name of a column in @option{table} which holds |
647 | the path to the user's configuration file. Default is @samp{rcfile}. | 647 | the path to the user's configuration file. Default is @samp{rcfile}. |
@@ -649,3 +649,33 @@ the path to the user's configuration file. Default is @samp{rcfile}. | |||
649 | @FIXME{An example, please.} | 649 | @FIXME{An example, please.} |
650 | @end table | ||
651 | |||
652 | @cindex options file, MySQL | ||
653 | @findex my.cnf | ||
654 | @findex /etc/my.cnf | ||
655 | When using a MySQL database (@samp{mysql://}), database parameters and | ||
656 | access credentials are first read from the file @file{/etc/my.cnf}, if | ||
657 | it exists. This file called @dfn{option file} in @samp{MySQL} parlance | ||
658 | @ifhtml | ||
659 | (see @uref{http://dev.mysql.com/doc/refman/5.0/en/option-files.html, | ||
660 | option files}). | ||
661 | @end ifhtml | ||
662 | @ifnothtml | ||
663 | (@pxref{option-files, Using Option Files,,mysql,MySQL Manual}) | ||
664 | @end ifnothtml | ||
665 | is organized in groups, each group beginning with the group name in | ||
666 | square brackets on a separate line. Within a group, each non-empty | ||
667 | line consists of a MySQL option name, optionally followed by an equal | ||
668 | sign and the value. By default, the values from the @samp{anubis} | ||
669 | group are read. | ||
670 | |||
671 | Two additional parameters are provided to fine-tune this behavior: | ||
650 | 672 | ||
673 | @table @option | ||
674 | @item options-file=@var{file} | ||
675 | Read options from @var{file} instead of @file{/etc/my.cnf}. An | ||
676 | empty value (@samp{options-file=}), disables using the options file. | ||
677 | |||
678 | @item options-group=@var{name} | ||
679 | Set the name of the group in the MySQL configuration file, from | ||
680 | which to read configuration options. | ||
651 | @end table | 681 | @end table |
@@ -955,2 +985,11 @@ to set a list of allowed mechanisms. | |||
955 | 985 | ||
986 | @item --file=@var{file} | ||
987 | @itemx -f @var{file} | ||
988 | Sets the user configuration file name (default is @file{.anubisrc}). | ||
989 | |||
990 | @item --netrc+@var{file} | ||
991 | @itemx -n @var{file} | ||
992 | Sets the name of the automatic login configuration file (default is | ||
993 | @file{.netrc}). | ||
994 | |||
956 | @item -v | 995 | @item -v |
@@ -959,3 +998,29 @@ Verbose output. Multiple options increase verbosity. Maximum verbosity | |||
959 | level is 3. | 998 | level is 3. |
999 | @end table | ||
1000 | |||
1001 | Options controlling encryption: | ||
960 | 1002 | ||
1003 | @table @option | ||
1004 | @item --disable-tls | ||
1005 | @itemx -d | ||
1006 | Disable the use of TLS encryption. | ||
1007 | |||
1008 | @item --tls-cafile=@var{file} | ||
1009 | @itemx -C @var{file} | ||
1010 | Sets the name of certificate authority file to use when verifying the | ||
1011 | server certificate. | ||
1012 | |||
1013 | @item --tls-priorities=@var{list} | ||
1014 | Sets cipher suite preferences to use. The @var{list} argument may | ||
1015 | contain a single initial keyword or be a colon-separated list of TLS | ||
1016 | keywords. The description of TLS keywords is well beyond the scope of | ||
1017 | this document. Please refer to @ref{Priority Strings,Priority | ||
1018 | Strings,,gnutls,GnuTLS Manual}, for a detailed discussion. | ||
1019 | |||
1020 | Default priority list is @samp{NORMAL}. | ||
1021 | @end table | ||
1022 | |||
1023 | Informational options: | ||
1024 | |||
1025 | @table @option | ||
961 | @item --version | 1026 | @item --version |
@@ -1581,2 +1646,4 @@ this document. Please refer to @ref{Priority Strings,Priority | |||
1581 | Strings,,gnutls,GnuTLS Manual}, for a detailed discussion. | 1646 | Strings,,gnutls,GnuTLS Manual}, for a detailed discussion. |
1647 | |||
1648 | Default priority list is @samp{NORMAL}. | ||
1582 | @end deffn | 1649 | @end deffn |
diff --git a/src/mysql.c b/src/mysql.c index 676618a..81ea62c 100644 --- a/src/mysql.c +++ b/src/mysql.c | |||
@@ -125,4 +125,4 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, | |||
125 | const char *rcfile = anubis_url_get_arg (url, "rcfile"); | 125 | const char *rcfile = anubis_url_get_arg (url, "rcfile"); |
126 | const char *portstr = anubis_url_get_arg (url, "port"); | 126 | const char *s; |
127 | const char *s = anubis_url_get_arg (url, "bufsize"); | 127 | char *optfile; |
128 | int port = 0; | 128 | int port = 0; |
@@ -143,2 +143,3 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, | |||
143 | 143 | ||
144 | s = anubis_url_get_arg (url, "bufsize"); | ||
144 | if (s) | 145 | if (s) |
@@ -154,6 +155,7 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, | |||
154 | 155 | ||
155 | if (portstr) | 156 | s = anubis_url_get_arg (url, "port"); |
157 | if (s) | ||
156 | { | 158 | { |
157 | char *p; | 159 | char *p; |
158 | port = strtoul (portstr, &p, 10); | 160 | port = strtoul (s, &p, 10); |
159 | if (*p) | 161 | if (*p) |
@@ -171,2 +173,15 @@ mysql_db_open (void **dp, ANUBIS_URL * url, enum anubis_db_mode mode, | |||
171 | mysql_init (&mdata->mysql); | 173 | mysql_init (&mdata->mysql); |
174 | |||
175 | s = anubis_url_get_arg (url, "options-file"); | ||
176 | if (!s) { | ||
177 | if (access ("/etc/my.cnf", F_OK) == 0) | ||
178 | s = "/etc/my.cnf"; | ||
179 | } | ||
180 | |||
181 | if (s && *s) { | ||
182 | mysql_options (&mdata->mysql, MYSQL_READ_DEFAULT_FILE, s); | ||
183 | mysql_options(&mdata->mysql, MYSQL_READ_DEFAULT_GROUP, | ||
184 | s ? s : "anubis"); | ||
185 | } | ||
186 | |||
172 | if (!mysql_real_connect (&mdata->mysql, | 187 | if (!mysql_real_connect (&mdata->mysql, |
diff --git a/src/usr.opt b/src/usr.opt index 72ab222..fa9d859 100644 --- a/src/usr.opt +++ b/src/usr.opt | |||
@@ -39,2 +39,9 @@ END | |||
39 | 39 | ||
40 | OPTION(tls-priorities,,PRIO,Set TLS priorities) | ||
41 | BEGIN | ||
42 | #ifdef HAVE_TLS | ||
43 | secure.prio = optarg; | ||
44 | #endif | ||
45 | END | ||
46 | |||
40 | OPTION(file,f,FILE, | 47 | OPTION(file,f,FILE, |