From 12d9c514864c1519d4f0c4e8ecce795ac7140f60 Mon Sep 17 00:00:00 2001 From: Ana Emilia Machado de Arruda Date: Fri, 29 Jan 2016 19:38:56 +0100 Subject: [PATCH] Add SSL connections to database (PostgreSQL) open code --- bacula/src/cats/bdb.h | 1 + bacula/src/cats/cats.c | 8 ++-- bacula/src/cats/cats_null.c | 3 +- bacula/src/cats/mysql.c | 11 +++++- bacula/src/cats/postgresql.c | 74 ++++++++++++++++++++++++++++++------ bacula/src/cats/protos.h | 3 +- bacula/src/cats/sqlite.c | 3 +- bacula/src/dird/dird.c | 3 +- bacula/src/dird/dird_conf.c | 5 +++ bacula/src/dird/dird_conf.h | 1 + bacula/src/dird/job.c | 14 ++++--- bacula/src/dird/ua_cmds.c | 8 ++-- bacula/src/dird/ua_output.c | 3 +- bacula/src/stored/bscan.c | 24 ++++++++++-- bacula/src/tools/bbatch.c | 29 +++++++++----- bacula/src/tools/bvfs_test.c | 10 ++++- bacula/src/tools/cats_test.c | 8 ++-- bacula/src/tools/dbcheck.c | 51 ++++++++++++++++++++----- 18 files changed, 198 insertions(+), 61 deletions(-) diff --git a/bacula/src/cats/bdb.h b/bacula/src/cats/bdb.h index d3b4535415..1a48467e1a 100644 --- a/bacula/src/cats/bdb.h +++ b/bacula/src/cats/bdb.h @@ -61,6 +61,7 @@ public: char *m_db_driverdir; /* database driver dir */ int m_ref_count; /* reference count */ int m_db_port; /* port for host name address */ + char *m_db_ssl_mode; /* security mode of the connection to the server */ char *m_db_ssl_key; /* path name to the key file */ char *m_db_ssl_cert; /* path name to the certificate file */ char *m_db_ssl_ca; /* path name to the certificate authority file */ diff --git a/bacula/src/cats/cats.c b/bacula/src/cats/cats.c index 3cfbaedad9..d7469fe4cd 100644 --- a/bacula/src/cats/cats.c +++ b/bacula/src/cats/cats.c @@ -71,10 +71,10 @@ BDB *BDB::bdb_clone_database_connection(JCR *jcr, bool mult_db_connections) return db_init_database(jcr, mdb->m_db_driver, mdb->m_db_name, mdb->m_db_user, mdb->m_db_password, mdb->m_db_address, mdb->m_db_port, mdb->m_db_socket, - mdb->m_db_ssl_key, mdb->m_db_ssl_cert, - mdb->m_db_ssl_ca, mdb->m_db_ssl_capath, - mdb->m_db_ssl_cipher, true, - mdb->m_disabled_batch_insert); + mdb->m_db_ssl_mode, mdb->m_db_ssl_key, + mdb->m_db_ssl_cert, mdb->m_db_ssl_ca, + mdb->m_db_ssl_capath, mdb->m_db_ssl_cipher, + true, mdb->m_disabled_batch_insert); } const char *BDB::bdb_get_engine_name(void) diff --git a/bacula/src/cats/cats_null.c b/bacula/src/cats/cats_null.c index f5c360ac94..ac68388dfc 100644 --- a/bacula/src/cats/cats_null.c +++ b/bacula/src/cats/cats_null.c @@ -26,7 +26,8 @@ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, const char *db_password, const char *db_address, - int db_port, const char *db_socket, const char *db_ssl_key, + int db_port, const char *db_socket, + const char *db_ssl_mode, const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca, const char *db_ssl_capath, const char *db_ssl_cipher, bool mult_db_connections, bool disable_batch_insert) diff --git a/bacula/src/cats/mysql.c b/bacula/src/cats/mysql.c index cdb75e1f98..3aa9a668d6 100644 --- a/bacula/src/cats/mysql.c +++ b/bacula/src/cats/mysql.c @@ -91,7 +91,8 @@ BDB_MYSQL::~BDB_MYSQL() */ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, const char *db_password, const char *db_address, int db_port, const char *db_socket, - const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca, + const char *db_ssl_mode, const char *db_ssl_key, + const char *db_ssl_cert, const char *db_ssl_ca, const char *db_ssl_capath, const char *db_ssl_cipher, bool mult_db_connections, bool disable_batch_insert) { @@ -133,6 +134,11 @@ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, cons if (db_socket) { mdb->m_db_socket = bstrdup(db_socket); } + if (db_ssl_mode) { + mdb->m_db_ssl_mode = bstrdup(db_ssl_mode); + } else { + mdb->m_db_ssl_mode = bstrdup("preferred"); + } if (db_ssl_key) { mdb->m_db_ssl_key = bstrdup(db_ssl_key); } @@ -354,6 +360,9 @@ void BDB_MYSQL::bdb_close_database(JCR *jcr) if (mdb->m_db_socket) { free(mdb->m_db_socket); } + if (mdb->m_db_ssl_mode) { + free(mdb->m_db_ssl_mode); + } if (mdb->m_db_ssl_key) { free(mdb->m_db_ssl_key); } diff --git a/bacula/src/cats/postgresql.c b/bacula/src/cats/postgresql.c index dabc4b827b..3f7ec61197 100644 --- a/bacula/src/cats/postgresql.c +++ b/bacula/src/cats/postgresql.c @@ -100,8 +100,8 @@ BDB_POSTGRESQL::~BDB_POSTGRESQL() */ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, const char *db_password, const char *db_address, int db_port, const char *db_socket, - const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca, - const char *db_ssl_capath, const char *db_ssl_cipher, + const char *db_ssl_mode, const char *db_ssl_key, const char *db_ssl_cert, + const char *db_ssl_ca, const char *db_ssl_capath, const char *db_ssl_cipher, bool mult_db_connections, bool disable_batch_insert) { BDB_POSTGRESQL *mdb = NULL; @@ -139,7 +139,21 @@ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, cons } if (db_socket) { mdb->m_db_socket = bstrdup(db_socket); - } + } + if (db_ssl_mode) { + mdb->m_db_ssl_mode = bstrdup(db_ssl_mode); + } else { + mdb->m_db_ssl_mode = bstrdup("prefer"); + } + if (db_ssl_key) { + mdb->m_db_ssl_key = bstrdup(db_ssl_key); + } + if (db_ssl_cert) { + mdb->m_db_ssl_cert = bstrdup(db_ssl_cert); + } + if (db_ssl_ca) { + mdb->m_db_ssl_ca = bstrdup(db_ssl_ca); + } mdb->m_db_port = db_port; if (disable_batch_insert) { @@ -242,17 +256,29 @@ bool BDB_POSTGRESQL::bdb_open_database(JCR *jcr) port = NULL; } + /* Tells libpq that the SSL library has already been initialized */ + PQinitSSL(0); + /* If connection fails, try at 5 sec intervals for 30 seconds. */ for (int retry=0; retry < 6; retry++) { /* connect to the database */ - mdb->m_db_handle = PQsetdbLogin( - mdb->m_db_address, /* default = localhost */ - port, /* default port */ - NULL, /* pg options */ - NULL, /* tty, ignored */ - mdb->m_db_name, /* database name */ - mdb->m_db_user, /* login name */ - mdb->m_db_password); /* password */ + const char *keywords[10] = {"host", "port", + "dbname", "user", + "password", "sslmode", + "sslkey", "sslcert", + "sslrootcert", NULL }; + const char *values[10] = {mdb->m_db_address, /* default localhost */ + port, /* default port */ + mdb->m_db_name, + mdb->m_db_user, + mdb->m_db_password, + mdb->m_db_ssl_mode, + mdb->m_db_ssl_key, + mdb->m_db_ssl_cert, + mdb->m_db_ssl_ca, + NULL }; + mdb->m_db_handle = PQconnectdbParams(keywords, + values, 0); /* If no connect, try once more in case it is a timing problem */ if (PQstatus(mdb->m_db_handle) == CONNECTION_OK) { @@ -265,6 +291,18 @@ bool BDB_POSTGRESQL::bdb_open_database(JCR *jcr) Dmsg3(dbglvl_info, "db_user=%s db_name=%s db_password=%s\n", mdb->m_db_user, mdb->m_db_name, mdb->m_db_password==NULL?"(NULL)":mdb->m_db_password); +#ifdef HAVE_OPENSSL + #define USE_OPENSSL 1 + SSL *ssl; + if (PQgetssl(mdb->m_db_handle) != NULL) { + Dmsg0(dbglvl_info, "SSL in use\n"); + ssl = (SSL *)PQgetssl(mdb->m_db_handle); + Dmsg2(dbglvl_info, "Version:%s Cipher:%s\n", SSL_get_version(ssl), SSL_get_cipher(ssl)); + } else { + Dmsg0(dbglvl_info, "SSL not in use\n"); + } +#endif + if (PQstatus(mdb->m_db_handle) != CONNECTION_OK) { Mmsg2(&mdb->errmsg, _("Unable to connect to PostgreSQL server. Database=%s User=%s\n" "Possible causes: SQL server not running; password incorrect; max_connections exceeded.\n"), @@ -342,7 +380,19 @@ void BDB_POSTGRESQL::bdb_close_database(JCR *jcr) } if (mdb->m_db_socket) { free(mdb->m_db_socket); - } + } + if (mdb->m_db_ssl_mode) { + free(mdb->m_db_ssl_mode); + } + if (mdb->m_db_ssl_key) { + free(mdb->m_db_ssl_key); + } + if (mdb->m_db_ssl_cert) { + free(mdb->m_db_ssl_cert); + } + if (mdb->m_db_ssl_ca) { + free(mdb->m_db_ssl_ca); + } delete mdb; if (db_list->size() == 0) { delete db_list; diff --git a/bacula/src/cats/protos.h b/bacula/src/cats/protos.h index e281435ef6..dacccb93d8 100644 --- a/bacula/src/cats/protos.h +++ b/bacula/src/cats/protos.h @@ -45,7 +45,8 @@ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, const char *db_password, const char *db_address, int db_port, - const char *db_socket, const char *db_ssl_key, + const char *db_socket, + const char *db_ssl_mode, const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca, const char *db_ssl_capath, const char *db_ssl_cipher, bool mult_db_connections, bool disable_batch_insert); diff --git a/bacula/src/cats/sqlite.c b/bacula/src/cats/sqlite.c index 9ee8171021..0832cc5369 100644 --- a/bacula/src/cats/sqlite.c +++ b/bacula/src/cats/sqlite.c @@ -101,7 +101,8 @@ BDB_SQLITE::~BDB_SQLITE() */ BDB *db_init_database(JCR *jcr, const char *db_driver, const char *db_name, const char *db_user, const char *db_password, const char *db_address, int db_port, const char *db_socket, - const char *db_ssl_key, const char *db_ssl_cert, const char *db_ssl_ca, + const char *db_ssl_mode, const char *db_ssl_key, + const char *db_ssl_cert, const char *db_ssl_ca, const char *db_ssl_capath, const char *db_ssl_cipher, bool mult_db_connections, bool disable_batch_insert) { diff --git a/bacula/src/dird/dird.c b/bacula/src/dird/dird.c index 1f85ac7247..9bde2ebb84 100644 --- a/bacula/src/dird/dird.c +++ b/bacula/src/dird/dird.c @@ -1142,7 +1142,8 @@ static bool check_catalog(cat_op mode) catalog->db_user, catalog->db_password, catalog->db_address, catalog->db_port, catalog->db_socket, - catalog->db_ssl_key, catalog->db_ssl_cert, catalog->db_ssl_ca, + catalog->db_ssl_mode, catalog->db_ssl_key, + catalog->db_ssl_cert, catalog->db_ssl_ca, catalog->db_ssl_capath, catalog->db_ssl_cipher, catalog->mult_db_connections, catalog->disable_batch_insert); diff --git a/bacula/src/dird/dird_conf.c b/bacula/src/dird/dird_conf.c index 317e289823..f0c7d324ce 100644 --- a/bacula/src/dird/dird_conf.c +++ b/bacula/src/dird/dird_conf.c @@ -496,6 +496,8 @@ static RES_ITEM cat_items[] = { {"User", store_str, ITEM(res_cat.db_user), 0, 0, 0}, {"DbName", store_str, ITEM(res_cat.db_name), 0, ITEM_REQUIRED, 0}, {"dbdriver", store_str, ITEM(res_cat.db_driver), 0, 0, 0}, + {"DbSocket", store_str, ITEM(res_cat.db_socket), 0, 0, 0}, + {"dbsslmode", store_str, ITEM(res_cat.db_ssl_mode), 0, 0, 0}, {"dbsslkey", store_str, ITEM(res_cat.db_ssl_key), 0, 0, 0}, {"dbsslcert", store_str, ITEM(res_cat.db_ssl_cert), 0, 0, 0}, {"dbsslca", store_str, ITEM(res_cat.db_ssl_ca), 0, 0, 0}, @@ -1600,6 +1602,9 @@ void free_resource(RES *rres, int type) if (res->res_cat.db_password) { free(res->res_cat.db_password); } + if (res->res_cat.db_ssl_mode) { + free(res->res_cat.db_ssl_mode); + } if (res->res_cat.db_ssl_key) { free(res->res_cat.db_ssl_key); } diff --git a/bacula/src/dird/dird_conf.h b/bacula/src/dird/dird_conf.h index af07887866..dce2e9abfb 100644 --- a/bacula/src/dird/dird_conf.h +++ b/bacula/src/dird/dird_conf.h @@ -231,6 +231,7 @@ public: char *db_user; char *db_name; char *db_driver; /* Select appropriate driver */ + char *db_ssl_mode; /* specifies the security state of the connection to the server */ char *db_ssl_key; /* the path name to the key file */ char *db_ssl_cert; /* the path name to the certificate file */ char *db_ssl_ca; /* the path name to the certificate authority file */ diff --git a/bacula/src/dird/job.c b/bacula/src/dird/job.c index 3ac5feb645..a48806c4d3 100644 --- a/bacula/src/dird/job.c +++ b/bacula/src/dird/job.c @@ -116,9 +116,10 @@ bool setup_job(JCR *jcr) jcr->db = db_init_database(jcr, jcr->catalog->db_driver, jcr->catalog->db_name, jcr->catalog->db_user, jcr->catalog->db_password, jcr->catalog->db_address, jcr->catalog->db_port, - jcr->catalog->db_socket, jcr->catalog->db_ssl_key, - jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca, - jcr->catalog->db_ssl_capath, jcr->catalog->db_ssl_cipher, + jcr->catalog->db_socket, jcr->catalog->db_ssl_mode, + jcr->catalog->db_ssl_key, jcr->catalog->db_ssl_cert, + jcr->catalog->db_ssl_ca, jcr->catalog->db_ssl_capath, + jcr->catalog->db_ssl_cipher, jcr->catalog->mult_db_connections, jcr->catalog->disable_batch_insert); if (!jcr->db || !db_open_database(jcr, jcr->db)) { @@ -267,9 +268,10 @@ static bool setup_resume_job(JCR *jcr, JOB_DBR *jr) jcr->db = db_init_database(jcr, jcr->catalog->db_driver, jcr->catalog->db_name, jcr->catalog->db_user, jcr->catalog->db_password, jcr->catalog->db_address, jcr->catalog->db_port, - jcr->catalog->db_socket, jcr->catalog->db_ssl_key, - jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca, - jcr->catalog->db_ssl_capath, jcr->catalog->db_ssl_cipher, + jcr->catalog->db_socket, jcr->catalog->db_ssl_mode, + jcr->catalog->db_ssl_key, jcr->catalog->db_ssl_cert, + jcr->catalog->db_ssl_ca, jcr->catalog->db_ssl_capath, + jcr->catalog->db_ssl_cipher, jcr->catalog->mult_db_connections, jcr->catalog->disable_batch_insert); if (!jcr->db || !db_open_database(jcr, jcr->db)) { diff --git a/bacula/src/dird/ua_cmds.c b/bacula/src/dird/ua_cmds.c index 0e1277c16b..9f2a832421 100644 --- a/bacula/src/dird/ua_cmds.c +++ b/bacula/src/dird/ua_cmds.c @@ -2544,10 +2544,10 @@ bool open_db(UAContext *ua) ua->catalog->db_user, ua->catalog->db_password, ua->catalog->db_address, ua->catalog->db_port, ua->catalog->db_socket, - ua->catalog->db_ssl_key, ua->catalog->db_ssl_cert, - ua->catalog->db_ssl_ca, ua->catalog->db_ssl_capath, - ua->catalog->db_ssl_cipher, - mult_db_conn, ua->catalog->disable_batch_insert); + ua->catalog->db_ssl_mode, ua->catalog->db_ssl_key, + ua->catalog->db_ssl_cert, ua->catalog->db_ssl_ca, + ua->catalog->db_ssl_capath, ua->catalog->db_ssl_cipher, + mult_db_conn, ua->catalog->disable_batch_insert); if (!ua->db || !db_open_database(ua->jcr, ua->db)) { ua->error_msg(_("Could not open catalog database \"%s\".\n"), ua->catalog->db_name); diff --git a/bacula/src/dird/ua_output.c b/bacula/src/dird/ua_output.c index c8e156a395..3e940a69c2 100644 --- a/bacula/src/dird/ua_output.c +++ b/bacula/src/dird/ua_output.c @@ -940,7 +940,8 @@ bool complete_jcr_for_job(JCR *jcr, JOB *job, POOL *pool) jcr->catalog->db_user, jcr->catalog->db_password, jcr->catalog->db_address, jcr->catalog->db_port, jcr->catalog->db_socket, - jcr->catalog->db_ssl_key, jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca, + jcr->catalog->db_ssl_mode, jcr->catalog->db_ssl_key, + jcr->catalog->db_ssl_cert, jcr->catalog->db_ssl_ca, jcr->catalog->db_ssl_capath, jcr->catalog->db_ssl_cipher, jcr->catalog->mult_db_connections, jcr->catalog->disable_batch_insert); diff --git a/bacula/src/stored/bscan.c b/bacula/src/stored/bscan.c index f06d5f51ae..eb53b63be0 100644 --- a/bacula/src/stored/bscan.c +++ b/bacula/src/stored/bscan.c @@ -74,6 +74,7 @@ static const char *db_name = "bacula"; static const char *db_user = "bacula"; static const char *db_password = ""; static const char *db_host = NULL; +static const char *db_ssl_mode = NULL; static const char *db_ssl_key = NULL; static const char *db_ssl_cert = NULL; static const char *db_ssl_ca = NULL; @@ -148,7 +149,7 @@ int main (int argc, char *argv[]) OSDependentInit(); - while ((ch = getopt(argc, argv, "b:c:d:D:h:p:mn:pP:rsSt:u:vV:w:?")) != -1) { + while ((ch = getopt(argc, argv, "b:c:d:D:h:o:k:e:a:p:mn:pP:rsSt:u:vV:w:?")) != -1) { switch (ch) { case 'S' : showProgress = true; @@ -183,6 +184,22 @@ int main (int argc, char *argv[]) db_host = optarg; break; + case 'o': + db_ssl_mode = optarg; + break; + + case 'k': + db_ssl_key = optarg; + break; + + case 'e': + db_ssl_cert = optarg; + break; + + case 'a': + db_ssl_ca = optarg; + break; + case 't': db_port = atoi(optarg); break; @@ -285,8 +302,9 @@ int main (int argc, char *argv[]) } db = db_init_database(NULL, db_driver, db_name, db_user, db_password, - db_host, db_port, NULL, - db_ssl_key, db_ssl_cert, db_ssl_ca, + db_host, db_port, NULL, + db_ssl_mode, db_ssl_key, + db_ssl_cert, db_ssl_ca, db_ssl_capath, db_ssl_cipher, false, false); if (!db || !db_open_database(NULL, db)) { diff --git a/bacula/src/tools/bbatch.c b/bacula/src/tools/bbatch.c index 7b0453fca1..c86685f3a3 100644 --- a/bacula/src/tools/bbatch.c +++ b/bacula/src/tools/bbatch.c @@ -57,11 +57,12 @@ static const char *db_name = "bacula"; static const char *db_user = "bacula"; static const char *db_password = ""; static const char *db_host = NULL; -static const char *db_ssl_key= NULL; -static const char *db_ssl_cert= NULL; -static const char *db_ssl_ca= NULL; -static const char *db_ssl_capath= NULL; -static const char *db_ssl_cipher= NULL; +static const char *db_ssl_mode = NULL; +static const char *db_ssl_key = NULL; +static const char *db_ssl_cert = NULL; +static const char *db_ssl_ca = NULL; +static const char *db_ssl_capath = NULL; +static const char *db_ssl_cipher = NULL; static pthread_mutex_t mutex = PTHREAD_MUTEX_INITIALIZER; @@ -121,7 +122,7 @@ int main (int argc, char *argv[]) OSDependentInit(); - while ((ch = getopt(argc, argv, "bBh:k:e:a:c:d:n:P:Su:vf:w:r:?")) != -1) { + while ((ch = getopt(argc, argv, "bBh:o:k:e:a:c:d:n:P:Su:vf:w:r:?")) != -1) { switch (ch) { case 'r': restore_list=bstrdup(optarg); @@ -147,6 +148,10 @@ int main (int argc, char *argv[]) db_host = optarg; break; + case 'o': + db_ssl_mode = optarg; + break; + case 'k': db_ssl_key = optarg; break; @@ -205,8 +210,10 @@ int main (int argc, char *argv[]) /* To use the -r option, the catalog should already contains records */ if ((db = db_init_database(NULL, NULL, db_name, db_user, db_password, - db_host, 0, NULL, db_ssl_key, db_ssl_cert, - db_ssl_ca, db_ssl_capath, db_ssl_cipher, + db_host, 0, NULL, + db_ssl_mode, db_ssl_key, + db_ssl_cert, db_ssl_ca, + db_ssl_capath, db_ssl_cipher, false, !use_batch_insert)) == NULL) { Emsg0(M_ERROR_TERM, 0, _("Could not init Bacula database\n")); } @@ -256,8 +263,10 @@ int main (int argc, char *argv[]) pm_strcpy(bjcr->fileset_md5, "Dummy.fileset.md5"); if ((db = db_init_database(NULL, NULL, db_name, db_user, db_password, - db_host, 0, NULL, db_ssl_key, db_ssl_cert, - db_ssl_ca, db_ssl_capath, db_ssl_cipher, + db_host, 0, NULL, + db_ssl_mode, db_ssl_key, + db_ssl_cert, db_ssl_ca, + db_ssl_capath, db_ssl_cipher, false, false)) == NULL) { Emsg0(M_ERROR_TERM, 0, _("Could not init Bacula database\n")); } diff --git a/bacula/src/tools/bvfs_test.c b/bacula/src/tools/bvfs_test.c index 6037faa104..77c2edb405 100644 --- a/bacula/src/tools/bvfs_test.c +++ b/bacula/src/tools/bvfs_test.c @@ -38,6 +38,7 @@ static const char *db_name = "regress"; static const char *db_user = "regress"; static const char *db_password = ""; static const char *db_host = NULL; +static const char *db_ssl_mode = NULL; static const char *db_ssl_key = NULL; static const char *db_ssl_cert = NULL; static const char *db_ssl_ca = NULL; @@ -126,7 +127,7 @@ int main (int argc, char *argv[]) OSDependentInit(); - while ((ch = getopt(argc, argv, "h:k:e:a:c:l:d:n:P:Su:vf:w:?j:p:f:T")) != -1) { + while ((ch = getopt(argc, argv, "h:o:k:e:a:c:l:d:n:P:Su:vf:w:?j:p:f:T")) != -1) { switch (ch) { case 'd': /* debug level */ if (*optarg == 't') { @@ -150,6 +151,10 @@ int main (int argc, char *argv[]) db_host = optarg; break; + case 'o': + db_ssl_mode = optarg; + break; + case 'k': db_ssl_key= optarg; break; @@ -222,7 +227,8 @@ int main (int argc, char *argv[]) if ((db = db_init_database(NULL, NULL, db_name, db_user, db_password, db_host, 0, NULL, - db_ssl_key, db_ssl_cert, db_ssl_ca, + db_ssl_mode, db_ssl_key, + db_ssl_cert, db_ssl_ca, db_ssl_capath, db_ssl_cipher, false, false)) == NULL) { Emsg0(M_ERROR_TERM, 0, _("Could not init Bacula database\n")); diff --git a/bacula/src/tools/cats_test.c b/bacula/src/tools/cats_test.c index f06bba943e..558715491b 100644 --- a/bacula/src/tools/cats_test.c +++ b/bacula/src/tools/cats_test.c @@ -339,8 +339,8 @@ int main (int argc, char *argv[]) NULL /* dbi driver */, db_name, db_user, db_password, db_address, db_port + 100, NULL /* db_socket */, - db_ssl_key, db_ssl_cert, db_ssl_ca, - db_ssl_capath, db_ssl_cipher, + db_ssl_mode, db_ssl_key, db_ssl_cert, + db_ssl_ca, db_ssl_capath, db_ssl_cipher, 0 /* mult_db_connections */, false); ok(db != NULL, "Test bad connection"); if (!db) { @@ -355,8 +355,8 @@ int main (int argc, char *argv[]) NULL /* dbi driver */, db_name, db_user, db_password, db_address, db_port, NULL /* db_socket */, - db_ssl_key, db_ssl_cert, db_ssl_ca, - db_ssl_capath, db_ssl_cipher, + db_ssl_mode, db_ssl_key, db_ssl_cert, + db_ssl_ca, db_ssl_capath, db_ssl_cipher, false /* mult_db_connections */, false); ok(db != NULL, "Test db connection"); diff --git a/bacula/src/tools/dbcheck.c b/bacula/src/tools/dbcheck.c index 5c67fd91c1..28f785a134 100644 --- a/bacula/src/tools/dbcheck.c +++ b/bacula/src/tools/dbcheck.c @@ -95,7 +95,7 @@ static void usage() fprintf(stderr, PROG_COPYRIGHT "\n%sVersion: %s (%s)\n\n" -"Usage: dbcheck [-c config ] [-B] [-C catalog name] [-d debug_level] [] [] [] [] [] []\n" +"Usage: dbcheck [-c config ] [-B] [-C catalog name] [-d debug_level] [] [] [] [] [] [] []\n" " -b batch mode\n" " -C catalog name in the director conf file\n" " -c Director conf filename\n" @@ -115,7 +115,7 @@ int main (int argc, char *argv[]) { int ch; const char *user, *password, *db_name, *dbhost; - const char *dbsslkey = NULL, *dbsslcert = NULL, *dbsslca = NULL; + const char *dbsslmode = NULL, *dbsslkey = NULL, *dbsslcert = NULL, *dbsslca = NULL; const char *dbsslcapath = NULL, *dbsslcipher = NULL; int dbport = 0; bool print_catalog=false; @@ -218,7 +218,9 @@ int main (int argc, char *argv[]) db = db_init_database(NULL, catalog->db_driver, catalog->db_name, catalog->db_user, catalog->db_password, catalog->db_address, catalog->db_port, catalog->db_socket, - catalog->db_ssl_key, catalog->db_ssl_cert, catalog->db_ssl_ca, + catalog->db_ssl_mode, + catalog->db_ssl_key, catalog->db_ssl_cert, + catalog->db_ssl_ca, catalog->db_ssl_capath, catalog->db_ssl_cipher, catalog->mult_db_connections, catalog->disable_batch_insert); @@ -239,6 +241,7 @@ int main (int argc, char *argv[]) dbhost = NULL; } dbport = catalog->db_port; + dbsslmode = catalog->db_ssl_mode; dbsslkey = catalog->db_ssl_key; dbsslcert = catalog->db_ssl_cert; dbsslca = catalog->db_ssl_ca; @@ -246,7 +249,7 @@ int main (int argc, char *argv[]) dbsslcipher = catalog->db_ssl_cipher; } } else { - if (argc > 9) { + if (argc > 10) { Pmsg0(0, _("Wrong number of arguments.\n")); usage(); } @@ -283,11 +286,14 @@ int main (int argc, char *argv[]) exit(1); } if (argc >= 7) { - dbsslkey = argv[6]; - dbsslcert = argv[7]; - if (argc == 9) { - dbsslca = argv[8]; - } /* if (argc == 9) */ + dbsslmode = argv[6]; + if (argc >= 8) { + dbsslkey = argv[7]; + dbsslcert = argv[8]; + if (argc == 10) { + dbsslca = argv[9]; + } /* if (argc == 10) */ + } /* if (argc >= 8) */ } /* if (argc >= 7) */ } /* if (argc >= 6) */ } /* if (argc >= 5) */ @@ -298,7 +304,9 @@ int main (int argc, char *argv[]) /* Open database */ db = db_init_database(NULL, NULL, db_name, user, password, dbhost, - dbport, NULL, dbsslkey, dbsslcert, dbsslca, dbsslcapath, dbsslcipher, false, false); + dbport, NULL, dbsslmode, dbsslkey, dbsslcert, dbsslca, + dbsslcapath, dbsslcipher, false, false); + if (!db || !db_open_database(NULL, db)) { Emsg1(M_FATAL, 0, "%s", db_strerror(db)); return 1; @@ -335,6 +343,29 @@ int main (int argc, char *argv[]) return 0; } +static void print_catalog_details(CAT *catalog, const char *working_dir) +{ + POOLMEM *catalog_details = get_pool_memory(PM_MESSAGE); + + /* + * Instantiate a BDB class and see what db_type gets assigned to it. + */ + db = db_init_database(NULL, catalog->db_driver, catalog->db_name, catalog->db_user, + catalog->db_password, catalog->db_address, + catalog->db_port, catalog->db_socket, + catalog->db_ssl_mode, catalog->db_ssl_key, + catalog->db_ssl_cert, catalog->db_ssl_ca, + catalog->db_ssl_capath, catalog->db_ssl_cipher, + catalog->mult_db_connections, + catalog->disable_batch_insert); + if (db) { + printf("%sdb_type=%s\nworking_dir=%s\n", catalog->display(catalog_details), + db_get_engine_name(db), working_directory); + db_close_database(NULL, db); + } + free_pool_memory(catalog_details); +} + static void do_interactive_mode() { const char *cmd; -- 2.39.2