Patch to add MySQL ssl access
authorAna Emilia M. Arruda <emiliaarruda@gmail.com>
Wed, 23 Dec 2015 10:59:51 +0000 (11:59 +0100)
committerKern Sibbald <kern@sibbald.com>
Wed, 23 Dec 2015 10:59:51 +0000 (11:59 +0100)
22 files changed:
bacula/autoconf/configure.in
bacula/configure
bacula/src/cats/bdb.h
bacula/src/cats/bvfs.c
bacula/src/cats/cats.c
bacula/src/cats/cats_null.c
bacula/src/cats/grant_mysql_privileges.in
bacula/src/cats/mysql.c
bacula/src/cats/postgresql.c
bacula/src/cats/protos.h
bacula/src/cats/sqlite.c
bacula/src/dird/dird.c
bacula/src/dird/dird_conf.c
bacula/src/dird/dird_conf.h
bacula/src/dird/job.c
bacula/src/dird/ua_cmds.c
bacula/src/dird/ua_output.c
bacula/src/stored/bscan.c
bacula/src/tools/bbatch.c
bacula/src/tools/bvfs_test.c
bacula/src/tools/cats_test.c
bacula/src/tools/dbcheck.c

index 08439810687e403341b8171bc2f47764b03f3cc9..39a94cf07e0905ca963d3c1ff5354fc7ce20b73f 100644 (file)
@@ -1452,6 +1452,20 @@ AC_ARG_WITH(db_port,
 )
 AC_SUBST(db_port)
 
+dnl
+dnl Pickup MySQL SSL options for database user connection 
+dnl
+db_ssl_options=
+AC_ARG_WITH(db_ssl_options,
+   AC_HELP_STRING([--with-db-ssl-options=DBSSLOPTIONS], [specify SSL options for database user connection @<:@default=null@:>@]),
+   [
+       if test "x$withval" != "x" ; then
+         db_ssl_options=$withval
+       fi
+   ]
+)
+AC_SUBST(db_ssl_options)
+
 #
 # Handle users and groups for each daemon
 #
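Review bot: The help string for `--with-db-ssl-options` does not say what kind of value is expected; going by grant_mysql_privileges.in in this same commit, the value is pasted after `require` in the GRANT statements. I would say so in the text, e.g. `[specify the MySQL REQUIRE clause for the catalog user, e.g. SSL or X509 @<:@default=none@:>@]`. As far as this commit shows, the option only affects the grant script and the configure summary, not the Director's own connection settings, which is also worth a `dnl` line here.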
@@ -3490,6 +3504,7 @@ Configuration on `date`:
    Database port:           ${db_port}
    Database name:           ${db_name}
    Database user:           ${db_user}
+   Database SSL options:     ${db_ssl_options}
 
    Job Output Email:        ${job_email}
    Traceback Email:         ${dump_email}
index e476645341fe42d6504b6bbabc39fe66a7e3facd..445dfd59f612121d2f5c54cf115adb2ddcbe0ef3 100755 (executable)
@@ -685,6 +685,7 @@ db_port
 db_password
 db_user
 db_name
+db_ssl_options
 mon_sd_password
 mon_fd_password
 mon_dir_password
@@ -986,6 +987,7 @@ with_db_name
 with_db_user
 with_db_password
 with_db_port
+with_db_ssl_options
 with_dir_user
 with_dir_group
 with_sd_user
@@ -23654,6 +23656,19 @@ if test "${with_db_port+set}" = set; then :
        fi
 
 
+fi
++db_ssl_options=
+
+
+
+# Check whether --with-db_ssl_options was given.
+if test "${with_db_ssl_options+set}" = set; then :
+  withval=$with_db_ssl_options;
+       if test "x$withval" != "x" ; then
+         db_ssl_options=$withval
+       fi
+
+
 fi
 
 
@@ -33730,6 +33745,7 @@ Configuration on `date`:
    Database port:           ${db_port}
    Database name:           ${db_name}
    Database user:           ${db_user}
+   Database SSL options:     ${db_ssl_options}
 
    Job Output Email:        ${job_email}
    Traceback Email:         ${dump_email}
index cc53b4a780f1f445db40d471f5824e62c71ddf03..717f0dab9068ff576046c09e7da79ebdadc103a5 100644 (file)
@@ -42,6 +42,11 @@ public:
    char *m_db_driverdir;              /* database driver dir */
    int m_ref_count;                   /* reference count */
    int m_db_port;                     /* port for host name address */
+   char *m_db_ssl_key;                /* path name to the key file */
+   char *m_db_ssl_cert;               /* path name to the certificate file */
+   char *m_db_ssl_ca;                 /* path name to the certificate authority file */
+   char *m_db_ssl_capath;             /* path name to a directory that contains trusted SSL CA certificates in PEM format */
+   char *m_db_ssl_cipher;             /* a list of permissible ciphers to use for SSL encryption */
    bool m_disabled_batch_insert;      /* explicitly disabled batch insert mode ? */
    bool m_dedicated;                  /* is this connection dedicated? */
    bool m_use_fatal_jmsg;             /* use Jmsg(M_FATAL) after bad queries? */
index 403f063c8de332ecc490ed24733c613fed172795..09dee9803a8fd1bc4d037a4dac8cb16d875146b9 100644 (file)
@@ -1367,7 +1367,7 @@ bool Bvfs::compute_restore_list(char *fileid, char *dirid, char *hardlink,
          result[i++] = str_to_int64(row[1]); /* JobId */
          result[i++] = str_to_int64(row[2]); /* FilenameId */
          result[i++] = str_to_int64(row[3]); /* PathId */
-      }
+      } 
 
       i=0;
       while (num > 0) {
@@ -1440,5 +1440,5 @@ void Bvfs::insert_missing_delta(char *output_table, int64_t *res)
       Dmsg1(dbglevel_sql, "Can't exec q=%s\n", db->cmd);
    }
 }
-
 #endif /* HAVE_SQLITE3 || HAVE_MYSQL || HAVE_POSTGRESQL */
index 4d189d01ce16a1ea2fa31b7607247e6f279c8da3..ccdedd48bcb9a63302010f62ef648da47f16fe5a 100644 (file)
@@ -1,17 +1,17 @@
 /* 
    Bacula(R) - The Network Backup Solution
-
    Copyright (C) 2000-2015 Kern Sibbald
    Copyright (C) 2000-2014 Free Software Foundation Europe e.V.
-
    The original author of Bacula is Kern Sibbald, with contributions
    from many others, a complete list can be found in the file AUTHORS.
-
    You may use this file and others of this release according to the
    license defined in the LICENSE file, which includes the Affero General
    Public License, v3.0 ("AGPLv3") and some additional permissions and
    terms pursuant to its AGPLv3 Section 7.
-
    This notice must be preserved when any source code is 
    conveyed and/or propagated.
 
@@ -71,7 +71,10 @@ BDB *BDB::bdb_clone_database_connection(JCR *jcr, bool mult_db_connections)
     */ 
    return db_init_database(jcr, mdb->m_db_driver, mdb->m_db_name, 
              mdb->m_db_user, mdb->m_db_password, mdb->m_db_address, 
-             mdb->m_db_port, mdb->m_db_socket, true, 
+             mdb->m_db_port, mdb->m_db_socket,
+             mdb->m_db_ssl_key, mdb->m_db_ssl_cert,
+             mdb->m_db_ssl_ca, mdb->m_db_ssl_capath,
+             mdb->m_db_ssl_cipher, true,
              mdb->m_disabled_batch_insert); 
 } 
  
index df00f8eaf1f44b7618b7459a4291096a54a5a8b2..7b83ea7b162ec633ec80b28bada31c77e6d2db2b 100644 (file)
  
 BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name,
          const char *db_user, const char *db_password, const char *db_address,
-         int db_port, const char *db_socket, bool mult_db_connections,
-         bool disable_batch_insert)
+         int db_port, const char *db_socket, const char *db_ssl_key,
+         const char *db_ssl_cert, const char *db_ssl_ca,
+         const char *db_ssl_capath, const char *db_ssl_cipher,
+         bool mult_db_connections, bool disable_batch_insert)
 { 
    Jmsg(jcr, M_FATAL, 0, _("Please replace this null libbaccats library with a proper one.\n"));
    return NULL; 
index f1fcca5a4ac68ec8e82460adc65b714b31a950fb..ab85680ade1b2af6d40db16a739cbacfe08651b3 100644 (file)
@@ -12,11 +12,15 @@ db_password=@db_password@
 if [ "$db_password" != "" ]; then
    pass="identified by '$db_password'"
 fi
-
+db_ssl_options=@db_ssl_options@
+if [ "$db_ssl_options" != "" ]; then
+   ssl_options="require $db_ssl_options"
+fi
 if $bindir/mysql $* -u root -f <<END-OF-DATA
 use mysql
-grant all privileges on ${db_name}.* to ${db_user}@localhost ${pass};
-grant all privileges on ${db_name}.* to ${db_user}@"%" ${pass};
+grant all privileges on ${db_name}.* to ${db_user}@localhost ${pass} ${ssl_options};
+grant all privileges on ${db_name}.* to ${db_user}@"%" ${pass} ${ssl_options};
 select * from user;
 flush privileges;
 END-OF-DATA
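Review bot: `db_ssl_options=@db_ssl_options@` is substituted unquoted, so any value containing a space (a REQUIRE clause such as `SUBJECT '...'`, or two options joined with AND) is split by the shell and the remainder is run as a command instead of being assigned. Quote it: `db_ssl_options="@db_ssl_options@"`. When the option is left empty, both grants, including the one for `${db_user}@"%"`, are issued without a REQUIRE clause, so the server does not demand TLS from that account. A comment saying so would help whoever runs this script.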
index 2cc45c4cbd820fb26e16538d39d3510bf16d8e9e..ac7561800638fa49b3b6fc8e2229f91067922cff 100644 (file)
@@ -93,6 +93,8 @@ BDB_MYSQL::~BDB_MYSQL()
  */ 
 BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, 
                        const char *db_password, const char *db_address, int db_port, const char *db_socket, 
+                       const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca,
+                       const char *db_ssl_capath, const char *db_ssl_cipher,
                        bool mult_db_connections, bool disable_batch_insert) 
 { 
    BDB_MYSQL *mdb = NULL; 
@@ -130,9 +132,24 @@ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, cons
    if (db_address) { 
       mdb->m_db_address = bstrdup(db_address); 
    } 
-   if (db_socket) { 
+   if (db_socket) {
       mdb->m_db_socket = bstrdup(db_socket); 
    } 
+   if (db_ssl_key) {
+      mdb->m_db_ssl_key = bstrdup(db_ssl_key);
+   }
+   if (db_ssl_cert) {
+      mdb->m_db_ssl_cert = bstrdup(db_ssl_cert);
+   }
+   if (db_ssl_ca) {
+      mdb->m_db_ssl_ca = bstrdup(db_ssl_ca);
+   }
+   if (db_ssl_capath) {
+      mdb->m_db_ssl_capath = bstrdup(db_ssl_capath);
+   }
+   if (db_ssl_cipher) {
+      mdb->m_db_ssl_cipher = bstrdup(db_ssl_cipher);
+   }
    mdb->m_db_port = db_port; 
  
    if (disable_batch_insert) { 
@@ -200,6 +217,20 @@ bool BDB_MYSQL::bdb_open_database(JCR *jcr)
    mysql_init(&mdb->m_instance); 
  
    Dmsg0(50, "mysql_init done\n"); 
+
+   /*
+   * Sets the appropriate certificate options for
+   * establishing secure connection using SSL to the database.
+   */
+   if (mdb->m_db_ssl_key) {
+      mysql_ssl_set(&(mdb->m_instance),
+                   mdb->m_db_ssl_key,
+                   mdb->m_db_ssl_cert,
+                   mdb->m_db_ssl_ca,
+                   mdb->m_db_ssl_capath,
+                   mdb->m_db_ssl_cipher);
+   }
+
    /* 
     * If connection fails, try at 5 sec intervals for 30 seconds. 
     */ 
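Review bot: The guard `if (mdb->m_db_ssl_key)` makes TLS depend on a client key being configured, so a catalog that sets only `dbsslca` or `dbsslcapath` never reaches mysql_ssl_set() and connects as before with nothing logged. Testing `if (mdb->m_db_ssl_key || mdb->m_db_ssl_ca || mdb->m_db_ssl_capath)` would cover that case. mysql_ssl_set() also only supplies the files: whether an encrypted session and a server-certificate check are actually enforced depends on the client library, which typically needs an extra mysql_options() call (`MYSQL_OPT_SSL_VERIFY_SERVER_CERT` or `MYSQL_OPT_SSL_MODE`, depending on version) before mysql_real_connect(). bdb_open_database continues outside this hunk.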
@@ -227,7 +258,7 @@ bool BDB_MYSQL::bdb_open_database(JCR *jcr)
    Dmsg0(50, "mysql_real_connect done\n"); 
    Dmsg3(50, "db_user=%s db_name=%s db_password=%s\n", mdb->m_db_user, mdb->m_db_name, 
         (mdb->m_db_password == NULL) ? "(NULL)" : mdb->m_db_password); 
+
    if (mdb->m_db_handle == NULL) { 
       Mmsg2(&mdb->errmsg, _("Unable to connect to MySQL server.\n" 
 "Database=%s User=%s\n" 
@@ -244,6 +275,19 @@ bool BDB_MYSQL::bdb_open_database(JCR *jcr)
       goto get_out; 
    } 
  
+   /* get the current cipher used for SSL connection */
+   if (mdb->m_db_ssl_key) {
+      const char *cipher;
+      if (mdb->m_db_ssl_cipher) {
+         free(mdb->m_db_ssl_cipher);
+      }
+      cipher = (const char *)mysql_get_ssl_cipher(&(mdb->m_instance));
+      if (cipher) {
+         mdb->m_db_ssl_cipher = bstrdup(cipher);
+      }
+      Dmsg1(50, "db_ssl_ciper=%s\n", (mdb->m_db_ssl_cipher == NULL) ? "(NULL)" : mdb->m_db_ssl_cipher);
+   }
+
    mdb->m_connected = true; 
    if (!bdb_check_version(jcr)) { 
       goto get_out; 
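Review bot: When mysql_get_ssl_cipher() returns NULL, `m_db_ssl_cipher` has already been freed but still holds the old address, so the `Dmsg1` below reads freed memory and bdb_close_database() frees it a second time. Add `mdb->m_db_ssl_cipher = NULL;` right after the `free()`. A NULL cipher here also means the session is not encrypted although a key was configured, which probably deserves an error and `goto get_out` rather than a debug line. Overwriting the configured cipher list with the negotiated cipher also changes what bdb_clone_database_connection() hands to the next connection, and the debug text has a typo (`db_ssl_ciper`).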
@@ -311,7 +355,22 @@ void BDB_MYSQL::bdb_close_database(JCR *jcr)
       } 
       if (mdb->m_db_socket) { 
          free(mdb->m_db_socket); 
-      } 
+      }
+      if (mdb->m_db_ssl_key) {
+         free(mdb->m_db_ssl_key);
+      }
+      if (mdb->m_db_ssl_cert) {
+         free(mdb->m_db_ssl_cert);
+      }
+      if (mdb->m_db_ssl_ca) {
+         free(mdb->m_db_ssl_ca);
+      }
+      if (mdb->m_db_ssl_capath) {
+         free(mdb->m_db_ssl_capath);
+      }
+      if (mdb->m_db_ssl_cipher) {
+         free(mdb->m_db_ssl_cipher);
+      }
       delete mdb; 
       if (db_list->size() == 0) { 
          delete db_list; 
index 76ac3ddaabf7bd8988fb21e222fe3c37458d05d9..70d8e6bcb37da822dfee9ee64e0ed734c72fde20 100644 (file)
@@ -99,11 +99,11 @@ BDB_POSTGRESQL::~BDB_POSTGRESQL()
  * Initialize database data structure. In principal this should
  * never have errors, or it is really fatal.
  */
-BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name,
-                       const char *db_user, const char *db_password,
-                       const char *db_address, int db_port,
-                       const char *db_socket, bool mult_db_connections,
-                       bool disable_batch_insert)
+BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, 
+                       const char *db_password, const char *db_address, int db_port, const char *db_socket, 
+                       const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca,
+                       const char *db_ssl_capath, const char *db_ssl_cipher,
+                       bool mult_db_connections, bool disable_batch_insert) 
 {
    BDB_POSTGRESQL *mdb = NULL;
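Review bot: The five new `db_ssl_*` parameters are accepted here but, as far as this commit shows, nothing in postgresql.c uses them, so a Catalog resource with `dbsslkey` set and the PostgreSQL driver would connect without TLS and without any message. A `Jmsg(jcr, M_WARNING, 0, ...)` when any of them is non-NULL would make that visible. The same applies to the sqlite.c signature change. The function body continues outside the hunk.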
 
index cc6510c4478a76e3074c41e12fa65e8000601cfb..5a6a726c95814055ac78520ec2178f980eba7ebb 100644 (file)
 BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name,
         const char *db_user, const char *db_password,
         const char *db_address, int db_port,
-        const char *db_socket, bool mult_db_connections, bool disable_batch_insert);
+        const char *db_socket, const char *db_ssl_key,
+        const char *db_ssl_cert, const char *db_ssl_ca,
+        const char *db_ssl_capath, const char *db_ssl_cipher,
+        bool mult_db_connections, bool disable_batch_insert);
 
 /* Database prototypes and defines */
 
index c47899c448ee4ff8d6f600b633b812aab9596a27..89f810ed0cb36dca52c7c9c410ba3aba42c4f9a7 100644 (file)
@@ -100,11 +100,11 @@ BDB_SQLITE::~BDB_SQLITE()
  * Initialize database data structure. In principal this should 
  * never have errors, or it is really fatal. 
  */ 
-BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, 
-                       const char *db_user, const char *db_password
-                       const char *db_address, int db_port, 
-                       const char *db_socket, bool mult_db_connections, 
-                       bool disable_batch_insert) 
+BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, 
+                       const char *db_password, const char *db_address, int db_port, const char *db_socket
+                       const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca,
+                       const char *db_ssl_capath, const char *db_ssl_cipher,
+                       bool mult_db_connections, bool disable_batch_insert) 
 {  
    BDB_SQLITE *mdb = NULL; 
  
index 9972341f041a2aa2ef595e453ea3fb9146d617c9..f74097f8407647e6633eeb00b3aa04639e0b6b4c 100644 (file)
@@ -960,6 +960,8 @@ static bool check_catalog(cat_op mode)
               catalog->db_user,
               catalog->db_password, catalog->db_address,
               catalog->db_port, catalog->db_socket,
+              catalog->db_ssl_key, catalog->db_ssl_cert, catalog->db_ssl_ca,
+              catalog->db_ssl_capath, catalog->db_ssl_cipher,
               catalog->mult_db_connections,
               catalog->disable_batch_insert);
       if (!db || !db_open_database(NULL, db)) {
index 23cd6cbe4313bfb661f911a9e91981d3c15cbacf..53fb9a1c7140c22adcd0d06ca9f51902b04fc79b 100644 (file)
@@ -252,6 +252,11 @@ static RES_ITEM cat_items[] = {
    {"DbName",   store_str,      ITEM(res_cat.db_name),     0, ITEM_REQUIRED, 0},
    {"dbdriver", store_str,      ITEM(res_cat.db_driver),   0, 0, 0},
    {"DbSocket", store_str,      ITEM(res_cat.db_socket),   0, 0, 0},
+   {"dbsslkey", store_str,      ITEM(res_cat.db_ssl_key),  0, 0, 0},
+   {"dbsslcert", store_str,     ITEM(res_cat.db_ssl_cert),  0, 0, 0},
+   {"dbsslca", store_str,       ITEM(res_cat.db_ssl_ca),  0, 0, 0},
+   {"dbsslcapath", store_str,   ITEM(res_cat.db_ssl_capath),  0, 0, 0},
+   {"dbsslcipher", store_str,   ITEM(res_cat.db_ssl_cipher),  0, 0, 0},
    /* Turned off for the moment */
    {"MultipleConnections", store_bit, ITEM(res_cat.mult_db_connections), 0, 0, 0},
    {"DisableBatchInsert", store_bool, ITEM(res_cat.disable_batch_insert), 0, ITEM_DEFAULT, false},
@@ -1311,6 +1316,21 @@ void free_resource(RES *rres, int type)
       if (res->res_cat.db_password) {
          free(res->res_cat.db_password);
       }
+      if (res->res_cat.db_ssl_key) {
+         free(res->res_cat.db_ssl_key);
+      }
+      if (res->res_cat.db_ssl_cert) {
+         free(res->res_cat.db_ssl_cert);
+      }
+      if (res->res_cat.db_ssl_ca) {
+         free(res->res_cat.db_ssl_ca);
+      }
+      if (res->res_cat.db_ssl_capath) {
+         free(res->res_cat.db_ssl_capath);
+      }
+      if (res->res_cat.db_ssl_cipher) {
+         free(res->res_cat.db_ssl_cipher);
+      }
       break;
    case R_FILESET:
       if ((num=res->res_fs.num_includes)) {
index 90700e58b75051313f54ac3994d0fdf292d57bff..b1101bd04cfd91b63b8fa2918497485885b79756 100644 (file)
@@ -228,6 +228,11 @@ public:
    char *db_user;
    char *db_name;
    char *db_driver;                   /* Select appropriate driver */
+   char *db_ssl_key;                  /* the path name to the key file */
+   char *db_ssl_cert;                 /* the path name to the certificate file */
+   char *db_ssl_ca;                   /* the path name to the certificate authority file */
+   char *db_ssl_capath;               /* the path name to a directory that contains trusted SSL CA certificates in PEM format */
+   char *db_ssl_cipher;               /* a list of permissible ciphers to use for SSL encryption */
    uint32_t mult_db_connections;      /* set for multiple db connections */
    bool disable_batch_insert;         /* set to disable batch inserts */
 
index d45f55ceca5be0f0e1a26607306e980a2b8dd180..2290a2bf1aa7f3a7ba39abea61cc56326986b328 100644 (file)
@@ -118,7 +118,10 @@ bool setup_job(JCR *jcr)
    jcr->db = db_init_database(jcr, jcr->catalog->db_driver, jcr->catalog->db_name,
                 jcr->catalog->db_user, jcr->catalog->db_password,
                 jcr->catalog->db_address, jcr->catalog->db_port,
-                jcr->catalog->db_socket, jcr->catalog->mult_db_connections,
+                jcr->catalog->db_socket, jcr->catalog->db_ssl_key,
+                jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca,
+                jcr->catalog->db_ssl_capath, jcr->catalog->db_ssl_cipher,
+                jcr->catalog->mult_db_connections,
                 jcr->catalog->disable_batch_insert);
    if (!jcr->db || !db_open_database(jcr, jcr->db)) {
       Jmsg(jcr, M_FATAL, 0, _("Could not open database \"%s\".\n"),
@@ -266,7 +269,10 @@ static bool setup_resume_job(JCR *jcr, JOB_DBR *jr)
    jcr->db = db_init_database(jcr, jcr->catalog->db_driver, jcr->catalog->db_name,
                               jcr->catalog->db_user, jcr->catalog->db_password,
                               jcr->catalog->db_address, jcr->catalog->db_port,
-                              jcr->catalog->db_socket, jcr->catalog->mult_db_connections,
+                              jcr->catalog->db_socket, jcr->catalog->db_ssl_key,
+                              jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca,
+                              jcr->catalog->db_ssl_capath, jcr->catalog->db_ssl_cipher,
+                              jcr->catalog->mult_db_connections,
                               jcr->catalog->disable_batch_insert);
    if (!jcr->db || !db_open_database(jcr, jcr->db)) {
       Jmsg(jcr, M_FATAL, 0, _("Could not open database \"%s\".\n"),
index 0774d316ca645e42f7fbcd3c0efa7dfb5072ab36..33b93afcb4a1ddaca063998a6e9f2da62384bca7 100644 (file)
@@ -2211,6 +2211,9 @@ bool open_db(UAContext *ua)
                              ua->catalog->db_user,
                              ua->catalog->db_password, ua->catalog->db_address,
                              ua->catalog->db_port, ua->catalog->db_socket,
+                             ua->catalog->db_ssl_key, ua->catalog->db_ssl_cert,
+                             ua->catalog->db_ssl_ca, ua->catalog->db_ssl_capath,
+                             ua->catalog->db_ssl_cipher,
                              mult_db_conn, ua->catalog->disable_batch_insert); 
    if (!ua->db || !db_open_database(ua->jcr, ua->db)) {
       ua->error_msg(_("Could not open catalog database \"%s\".\n"),
index b0fcfc388e727fb0c2f6edfcb6ad249e717c5fd0..45fab76525fd339e9c3a83a8094ae9348ba95dd5 100644 (file)
@@ -815,6 +815,8 @@ bool complete_jcr_for_job(JCR *jcr, JOB *job, POOL *pool)
                 jcr->catalog->db_user,
                 jcr->catalog->db_password, jcr->catalog->db_address,
                 jcr->catalog->db_port, jcr->catalog->db_socket,
+                jcr->catalog->db_ssl_key, jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca,
+                jcr->catalog->db_ssl_capath, jcr->catalog->db_ssl_cipher,
                 jcr->catalog->mult_db_connections,
                 jcr->catalog->disable_batch_insert);
    if (!jcr->db || !db_open_database(jcr, jcr->db)) {
index 3702b88d2dac8fccef1a14fe56e66adeb82fdcd8..4757fb0d641d4668c6276705a9958493be14b17c 100644 (file)
@@ -76,6 +76,11 @@ static const char *db_name = "bacula";
 static const char *db_user = "bacula";
 static const char *db_password = "";
 static const char *db_host = NULL;
+static const char *db_ssl_key = NULL;
+static const char *db_ssl_cert = NULL;
+static const char *db_ssl_ca = NULL;
+static const char *db_ssl_capath = NULL;
+static const char *db_ssl_cipher = NULL;
 static int db_port = 0;
 static const char *wd = NULL;
 static bool update_db = false;
@@ -117,6 +122,9 @@ PROG_COPYRIGHT
 "       -u <user>         specify database user name (default bacula)\n"
 "       -P <password>     specify database password (default none)\n"
 "       -h <host>         specify database host (default NULL)\n"
+"       -k <sslkey>       path name to the key file (default NULL)\n"
+"       -e <sslcert>      path name to the certificate file (default NULL)\n"
+"       -a <sslca>        path name to the CA certificate file (default NULL)\n"
 "       -t <port>         specify database port (default 0)\n"
 "       -p                proceed inspite of I/O errors\n"
 "       -r                list records\n"
@@ -147,7 +155,7 @@ int main (int argc, char *argv[])
 
    OSDependentInit();
 
-   while ((ch = getopt(argc, argv, "b:c:d:D:h:p:mn:pP:rsSt:u:vV:w:?")) != -1) {
+   while ((ch = getopt(argc, argv, "b:c:d:D:h:k:e:a:p:mn:pP:rsSt:u:vV:w:?")) != -1) {
       switch (ch) {
       case 'S' :
          showProgress = true;
@@ -182,6 +190,18 @@ int main (int argc, char *argv[])
          db_host = optarg;
          break;
 
+      case 'k':
+         db_ssl_key = optarg;
+         break;
+
+      case 'e':
+         db_ssl_cert = optarg;
+         break;
+
+      case 'a':
+         db_ssl_ca = optarg;
+         break;
+
       case 't':
          db_port = atoi(optarg);
          break;
@@ -284,7 +304,10 @@ int main (int argc, char *argv[])
    }
 
    db = db_init_database(NULL, db_driver, db_name, db_user, db_password,
-                            db_host, db_port, NULL, false, false);
+                         db_host, db_port, NULL, 
+                         db_ssl_key, db_ssl_cert, db_ssl_ca,
+                         db_ssl_capath, db_ssl_cipher,
+                         false, false);
    if (!db || !db_open_database(NULL, db)) {
       Pmsg2(000, _("Could not open Catalog \"%s\", database \"%s\".\n"),
            db_driver, db_name);
index 9542648e4d4f5105f2161b691b34dcc53b86df22..1d4ac8da1dde7611fc3f04a5d406f6186126241a 100644 (file)
@@ -58,6 +58,11 @@ static const char *db_name = "bacula";
 static const char *db_user = "bacula";
 static const char *db_password = "";
 static const char *db_host = NULL;
+static const char *db_ssl_key= NULL;
+static const char *db_ssl_cert= NULL;
+static const char *db_ssl_ca= NULL;
+static const char *db_ssl_capath= NULL;
+static const char *db_ssl_cipher= NULL;
 
 static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER;
 
@@ -78,6 +83,9 @@ PROG_COPYRIGHT
 "       -u <user>         specify database user name (default bacula)\n"
 "       -P <password      specify database password (default none)\n"
 "       -h <host>         specify database host (default NULL)\n"
+"       -k <sslkey>       path name to the key file (default NULL)\n"
+"       -e <sslcert>      path name to the certificate file (default NULL)\n"
+"       -a <sslca>        path name to the CA certificate file (default NULL)\n"
 "       -w <working>      specify working directory\n"
 "       -r <jobids>       call restore code with given jobids\n"
 "       -v                verbose\n"
@@ -114,7 +122,7 @@ int main (int argc, char *argv[])
 
    OSDependentInit();
 
-   while ((ch = getopt(argc, argv, "bBh:c:d:n:P:Su:vf:w:r:?")) != -1) {
+   while ((ch = getopt(argc, argv, "bBh:k:e:a:c:d:n:P:Su:vf:w:r:?")) != -1) {
       switch (ch) {
       case 'r':
          restore_list=bstrdup(optarg);
@@ -140,6 +148,18 @@ int main (int argc, char *argv[])
          db_host = optarg;
          break;
 
+      case 'k':
+         db_ssl_key = optarg;
+         break;
+
+      case 'e':
+         db_ssl_cert = optarg;
+         break;
+
+      case 'a':
+         db_ssl_ca = optarg;
+         break;
+
       case 'n':
          db_name = optarg;
          break;
@@ -186,7 +206,9 @@ int main (int argc, char *argv[])
       /* To use the -r option, the catalog should already contains records */
       
       if ((db = db_init_database(NULL, NULL, db_name, db_user, db_password,
-                                 db_host, 0, NULL, false, disable_batch)) == NULL) {
+                                 db_host, 0, NULL, db_ssl_key, db_ssl_cert,
+                                 db_ssl_ca, db_ssl_capath, db_ssl_cipher,
+                                 false, disable_batch)) == NULL) {
          Emsg0(M_ERROR_TERM, 0, _("Could not init Bacula database\n"));
       }
       if (!db_open_database(NULL, db)) {
@@ -235,7 +257,9 @@ int main (int argc, char *argv[])
       pm_strcpy(bjcr->fileset_md5, "Dummy.fileset.md5");
       
       if ((db = db_init_database(NULL, NULL, db_name, db_user, db_password,
-                                 db_host, 0, NULL, false, false)) == NULL) {
+                                 db_host, 0, NULL, db_ssl_key, db_ssl_cert,
+                                 db_ssl_ca, db_ssl_capath, db_ssl_cipher,
+                                 false, false)) == NULL) {
          Emsg0(M_ERROR_TERM, 0, _("Could not init Bacula database\n"));
       }
       if (!db_open_database(NULL, db)) {
index b2a7ed04eee9567f6643c3b19c497f2a50633942..3ac32537b761b2d31805077de39d072f380374dc 100644 (file)
@@ -39,6 +39,11 @@ static const char *db_name = "regress";
 static const char *db_user = "regress";
 static const char *db_password = "";
 static const char *db_host = NULL;
+static const char *db_ssl_key = NULL;
+static const char *db_ssl_cert = NULL;
+static const char *db_ssl_ca = NULL;
+static const char *db_ssl_capath = NULL;
+static const char *db_ssl_cipher = NULL;
 
 static void usage()
 {
@@ -51,6 +56,9 @@ PROG_COPYRIGHT
 "       -u <user>         specify database user name (default bacula)\n"
 "       -P <password      specify database password (default none)\n"
 "       -h <host>         specify database host (default NULL)\n"
+"       -k <sslkey>       path name to the key file (default NULL)\n"
+"       -e <sslcert>      path name to the certificate file (default NULL)\n"
+"       -a <sslca>        path name to the CA certificate file (default NULL)\n"
 "       -w <working>      specify working directory\n"
 "       -j <jobids>       specify jobids\n"
 "       -p <path>         specify path\n"
@@ -119,7 +127,7 @@ int main (int argc, char *argv[])
 
    OSDependentInit();
 
-   while ((ch = getopt(argc, argv, "h:c:l:d:n:P:Su:vf:w:?j:p:f:T")) != -1) {
+   while ((ch = getopt(argc, argv, "h:k:e:a:c:l:d:n:P:Su:vf:w:?j:p:f:T")) != -1) {
       switch (ch) {
       case 'd':                    /* debug level */
          if (*optarg == 't') {
@@ -143,6 +151,18 @@ int main (int argc, char *argv[])
          db_host = optarg;
          break;
 
+      case 'k':
+         db_ssl_key= optarg;
+         break;
+
+      case 'e':
+         db_ssl_cert= optarg;
+         break;
+
+      case 'a':
+         db_ssl_ca= optarg;
+         break;
+
       case 'n':
          db_name = optarg;
          break;
@@ -202,7 +222,10 @@ int main (int argc, char *argv[])
    bstrncpy(bjcr->Job, "bvfs_test", sizeof(bjcr->Job));
    
    if ((db = db_init_database(NULL, NULL, db_name, db_user, db_password,
-                              db_host, 0, NULL, false, false)) == NULL) {
+                              db_host, 0, NULL,
+                              db_ssl_key, db_ssl_cert, db_ssl_ca,
+                              db_ssl_capath, db_ssl_cipher,
+                              false, false)) == NULL) {
       Emsg0(M_ERROR_TERM, 0, _("Could not init Bacula database\n"));
    }
    Dmsg1(0, "db_type=%s\n", db_get_engine_name(db));
index f204aa0cf092348892e6fc07cd7a4b0817c3c6d5..c51f21fbe9d9a80b8a77408ea5f20fab329fbac7 100644 (file)
@@ -340,6 +340,8 @@ int main (int argc, char *argv[])
                    NULL /* dbi driver */,
                    db_name, db_user, db_password, db_address, db_port + 100,
                    NULL /* db_socket */,
+                   db_ssl_key, db_ssl_cert, db_ssl_ca,
+                   db_ssl_capath, db_ssl_cipher,
                    0 /* mult_db_connections */, false);
       ok(db != NULL, "Test bad connection");
       if (!db) {
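Review bot: `db_ssl_key`, `db_ssl_cert`, `db_ssl_ca`, `db_ssl_capath` and `db_ssl_cipher` are passed here, but no hunk for cats_test.c declares them, unlike bscan.c, bbatch.c and bvfs_test.c, which each add `static const char *db_ssl_key = NULL;` and its siblings. Unless the names already exist outside the visible hunks, this will not compile. The second db_init_database() call further down uses the same names. Adding the five `static const char *... = NULL;` declarations next to the file's other db_* statics would fix it.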
@@ -354,6 +356,8 @@ int main (int argc, char *argv[])
                 NULL /* dbi driver */,
                 db_name, db_user, db_password, db_address, db_port,
                 NULL /* db_socket */,
+                db_ssl_key, db_ssl_cert, db_ssl_ca,
+                db_ssl_capath, db_ssl_cipher,
                 false /* mult_db_connections */, false);
 
    ok(db != NULL, "Test db connection");
index 5d50e2e8cdf256ef1f387ef5b415a4a39d6ca707..73ea9920d15da7d1754c5922ff9ca8d2152ff13b 100644 (file)
@@ -100,7 +100,7 @@ static void usage()
    fprintf(stderr,
 PROG_COPYRIGHT
 "\n%sVersion: %s (%s)\n\n"
-"Usage: dbcheck [-c config ] [-B] [-C catalog name] [-d debug_level] <working-directory> <bacula-database> <user> <password> [<dbhost>] [<dbport>]\n"
+"Usage: dbcheck [-c config ] [-B] [-C catalog name] [-d debug_level] <working-directory> <bacula-database> <user> <password> [<dbhost>] [<dbport>] [<dbport>] [<dbsslkey>] [<dbsslcert>] [<dbsslca>]\n"
 "       -b              batch mode\n"
 "       -C              catalog name in the director conf file\n"
 "       -c              Director conf filename\n"
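Review bot: The usage line now lists `[<dbport>]` twice, and the three new positional arguments are not described anywhere below it. Drop the duplicate so the tail reads `[<dbhost>] [<dbport>] [<dbsslkey>] [<dbsslcert>] [<dbsslca>]`, and add a line saying the key and certificate are expected together.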
@@ -120,6 +120,8 @@ int main (int argc, char *argv[])
 {
    int ch;
    const char *user, *password, *db_name, *dbhost;
+   const char *dbsslkey = NULL, *dbsslcert = NULL, *dbsslca = NULL;
+   const char *dbsslcapath = NULL, *dbsslcipher = NULL;
    int dbport = 0;
    bool print_catalog=false;
    char *configfile = NULL;
@@ -230,9 +232,14 @@ int main (int argc, char *argv[])
             dbhost = NULL;
          }
          dbport = catalog->db_port;
+         dbsslkey = catalog->db_ssl_key;
+         dbsslcert = catalog->db_ssl_cert;
+         dbsslca = catalog->db_ssl_ca;
+         dbsslcapath = catalog->db_ssl_capath;
+         dbsslcipher = catalog->db_ssl_cipher;
       }
    } else {
-      if (argc > 6) {
+      if (argc > 9) {
          Pmsg0(0, _("Wrong number of arguments.\n"));
          usage();
       }
@@ -251,42 +258,43 @@ int main (int argc, char *argv[])
       password = "";
       dbhost = NULL;
 
-      if (argc == 2) {
+      if (argc >= 2) {
          db_name = argv[1];
          user = db_name;
-      } else if (argc == 3) {
-         db_name = argv[1];
-         user = argv[2];
-      } else if (argc == 4) {
-         db_name = argv[1];
-         user = argv[2];
-         password = argv[3];
-      } else if (argc == 5) {
-         db_name = argv[1];
-         user = argv[2];
-         password = argv[3];
-         dbhost = argv[4];
-      } else if (argc == 6) {
-         db_name = argv[1];
-         user = argv[2];
-         password = argv[3];
-         dbhost = argv[4];
-         errno = 0;
-         dbport = strtol(argv[5], &endptr, 10);
-         if (*endptr != '\0') {
-            Pmsg0(0, _("Database port must be a numeric value.\n"));
-            exit(1);
-         } else if (errno == ERANGE) {
-            Pmsg0(0, _("Database port must be a int value.\n"));
-            exit(1);
-         }
-      }
+         if (argc >= 3) {
+            user = argv[2];
+            if (argc >= 4) {
+               password = argv[3];
+               if (argc >= 5) {
+                  dbhost = argv[4];
+                  if (argc >= 6) {
+                     errno = 0;
+                     dbport = strtol(argv[5], &endptr, 10);
+                     if (*endptr != '\0') {
+                        Pmsg0(0, _("Database port must be a numeric value.\n"));
+                        exit(1);
+                     } else if (errno == ERANGE) {
+                        Pmsg0(0, _("Database port must be a int value.\n"));
+                        exit(1);
+                     }
+                     if (argc >= 7) {
+                        dbsslkey = argv[6];
+                        dbsslcert = argv[7];
+                        if (argc == 9) {
+                           dbsslca = argv[8];
+                        } /* if (argc == 9) */
+                     } /* if (argc >= 7) */
+                  } /* if (argc >= 6) */
+               } /* if (argc >= 5) */
+            } /* if (argc >= 4) */
+         } /* if (argc >= 3) */
+      } /* if (argc >= 2) */
    }
 
    /*
     * Open database
     */
-   db = db_init_database(NULL, NULL, db_name, user, password, dbhost, dbport, NULL, false, false);
+   db = db_init_database(NULL, NULL, db_name, user, password, dbhost, dbport, NULL, dbsslkey, dbsslcert, dbsslca, dbsslcapath, dbsslcipher, false, false);
    if (!db || !db_open_database(NULL, db)) {
       Emsg1(M_FATAL, 0, "%s", db_strerror(db));
           return 1;
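Review bot: In the `if (argc >= 7)` branch, `dbsslcert = argv[7]` is read even when only seven arguments were given, so a key without a certificate is accepted silently and `dbsslcert` takes whatever follows the last argument. Guard it with `if (argc >= 8) { dbsslcert = argv[7]; }` or reject `argc == 7` with the usage message. `dbsslcapath` and `dbsslcipher` can only be set through the config-file branch, which is worth a short comment. main() starts and ends outside this hunk.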
@@ -337,6 +345,8 @@ static void print_catalog_details(CAT *catalog, const char *working_dir)
    db = db_init_database(NULL, catalog->db_driver, catalog->db_name, catalog->db_user,
                          catalog->db_password, catalog->db_address,
                          catalog->db_port, catalog->db_socket,
+                         catalog->db_ssl_key, catalog->db_ssl_cert, catalog->db_ssl_ca,
+                         catalog->db_ssl_capath, catalog->db_ssl_cipher,
                          catalog->mult_db_connections,
                          catalog->disable_batch_insert);
    if (db) {