25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-22 16:20:52 +01:00

Minor MS SQL improvements

Support 'sql_ssl' option for MS SQL - set Encryption=required and
Encrypt=yes in ODBC connection string to require SSL using default
FreeTDS driver and Microsoft ODBC Driver for SQL Server repectively.

Allow setting full ODBC connection string in 'sql_server' for MS SQL,
allowing custom connection configuration beyond what is possible with
just 'sql_odbc_driver' option.
This commit is contained in:
Stu Tomlinson 2023-01-14 12:03:41 +00:00
parent 06ffe995e1
commit 6fc67d83f4
2 changed files with 40 additions and 11 deletions

View File

@ -1293,9 +1293,9 @@ doc() ->
note => "added in 20.12",
desc =>
?T("Path to the ODBC driver to use to connect to a Microsoft SQL "
"Server database. This option is only valid if the _`sql_type`_ "
"option is set to 'mssql'. "
"The default value is: 'libtdsodbc.so'")}},
"Server database. This option only applies if the _`sql_type`_ "
"option is set to 'mssql' and _`sql_server`_ is not an ODBC "
"connection string. The default value is: 'libtdsodbc.so'")}},
{sql_password,
#{value => ?T("Password"),
desc =>
@ -1334,14 +1334,15 @@ doc() ->
{sql_server,
#{value => ?T("Host"),
desc =>
?T("A hostname or an IP address of the SQL server. "
?T("The hostname or IP address of the SQL server. For _`sql_type`_ "
"'mssql' or 'odbc' this can also be an ODBC connection string. "
"The default value is 'localhost'.")}},
{sql_ssl,
#{value => "true | false",
note => "improved in 20.03",
desc =>
?T("Whether to use SSL encrypted connections to the "
"SQL server. The option is only available for MySQL and "
"SQL server. The option is only available for MySQL, MS SQL and "
"PostgreSQL. The default value is 'false'.")}},
{sql_ssl_cafile,
#{value => ?T("Path"),
@ -1350,7 +1351,8 @@ doc() ->
"be used to verify SQL connections. Implies _`sql_ssl`_ "
"and _`sql_ssl_verify`_ options are set to 'true'. "
"There is no default which means "
"certificate verification is disabled.")}},
"certificate verification is disabled. "
"This option has no effect for MS SQL.")}},
{sql_ssl_certfile,
#{value => ?T("Path"),
desc =>
@ -1358,13 +1360,15 @@ doc() ->
"for SSL connections to the SQL server. Implies _`sql_ssl`_ "
"option is set to 'true'. There is no default which means "
"ejabberd won't provide a client certificate to the SQL "
"server.")}},
"server. "
"This option has no effect for MS SQL.")}},
{sql_ssl_verify,
#{value => "true | false",
desc =>
?T("Whether to verify SSL connection to the SQL server against "
"CA root certificates defined in _`sql_ssl_cafile`_ option. "
"Implies _`sql_ssl`_ option is set to 'true'. "
"This option has no effect for MS SQL. "
"The default value is 'false'.")}},
{sql_start_interval,
#{value => "timeout()",

View File

@ -1159,9 +1159,19 @@ db_opts(Host) ->
SSLOpts = get_ssl_opts(Transport, Host),
case Type of
mssql ->
[mssql, <<"DRIVER=ODBC;SERVER=", Server/binary, ";UID=", User/binary,
";DATABASE=", DB/binary ,";PWD=", Pass/binary,
";PORT=", (integer_to_binary(Port))/binary ,";CLIENT_CHARSET=UTF-8;">>, Timeout];
case odbc_server_is_connstring(Server) of
true ->
[mssql, Server, Timeout];
false ->
Encryption = case Transport of
tcp -> <<"">>;
ssl -> <<";ENCRYPTION=require;ENCRYPT=yes">>
end,
[mssql, <<"DRIVER=ODBC;SERVER=", Server/binary, ";DATABASE=", DB/binary,
";UID=", User/binary, ";PWD=", Pass/binary,
";PORT=", (integer_to_binary(Port))/binary, Encryption/binary,
";CLIENT_CHARSET=UTF-8;">>, Timeout]
end;
_ ->
[Type, Server, Port, DB, User, Pass, Timeout, Transport, SSLOpts]
end
@ -1171,6 +1181,8 @@ warn_if_ssl_unsupported(tcp, _) ->
ok;
warn_if_ssl_unsupported(ssl, pgsql) ->
ok;
warn_if_ssl_unsupported(ssl, mssql) ->
ok;
warn_if_ssl_unsupported(ssl, mysql) ->
ok;
warn_if_ssl_unsupported(ssl, Type) ->
@ -1203,7 +1215,7 @@ get_ssl_opts(ssl, Host) ->
get_ssl_opts(tcp, _) ->
[].
init_mssql(Host) ->
init_mssql_odbcinst(Host) ->
Driver = ejabberd_option:sql_odbc_driver(Host),
ODBCINST = io_lib:fwrite("[ODBC]~n"
"Driver = ~s~n", [Driver]),
@ -1225,6 +1237,19 @@ init_mssql(Host) ->
Err
end.
init_mssql(Host) ->
Server = ejabberd_option:sql_server(Host),
case odbc_server_is_connstring(Server) of
true -> ok;
false -> init_mssql_odbcinst(Host)
end.
odbc_server_is_connstring(Server) ->
case binary:match(Server, <<"=">>) of
nomatch -> false;
_ -> true
end.
write_file_if_new(File, Payload) ->
case filelib:is_file(File) of
true -> ok;