mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-24 16:23:40 +01:00
Minor MS SQL improvements
Support 'sql_ssl' option for MS SQL - set Encryption=required and Encrypt=yes in ODBC connection string to require SSL using default FreeTDS driver and Microsoft ODBC Driver for SQL Server repectively. Allow setting full ODBC connection string in 'sql_server' for MS SQL, allowing custom connection configuration beyond what is possible with just 'sql_odbc_driver' option.
This commit is contained in:
parent
06ffe995e1
commit
6fc67d83f4
@ -1293,9 +1293,9 @@ doc() ->
|
||||
note => "added in 20.12",
|
||||
desc =>
|
||||
?T("Path to the ODBC driver to use to connect to a Microsoft SQL "
|
||||
"Server database. This option is only valid if the _`sql_type`_ "
|
||||
"option is set to 'mssql'. "
|
||||
"The default value is: 'libtdsodbc.so'")}},
|
||||
"Server database. This option only applies if the _`sql_type`_ "
|
||||
"option is set to 'mssql' and _`sql_server`_ is not an ODBC "
|
||||
"connection string. The default value is: 'libtdsodbc.so'")}},
|
||||
{sql_password,
|
||||
#{value => ?T("Password"),
|
||||
desc =>
|
||||
@ -1334,14 +1334,15 @@ doc() ->
|
||||
{sql_server,
|
||||
#{value => ?T("Host"),
|
||||
desc =>
|
||||
?T("A hostname or an IP address of the SQL server. "
|
||||
?T("The hostname or IP address of the SQL server. For _`sql_type`_ "
|
||||
"'mssql' or 'odbc' this can also be an ODBC connection string. "
|
||||
"The default value is 'localhost'.")}},
|
||||
{sql_ssl,
|
||||
#{value => "true | false",
|
||||
note => "improved in 20.03",
|
||||
desc =>
|
||||
?T("Whether to use SSL encrypted connections to the "
|
||||
"SQL server. The option is only available for MySQL and "
|
||||
"SQL server. The option is only available for MySQL, MS SQL and "
|
||||
"PostgreSQL. The default value is 'false'.")}},
|
||||
{sql_ssl_cafile,
|
||||
#{value => ?T("Path"),
|
||||
@ -1350,7 +1351,8 @@ doc() ->
|
||||
"be used to verify SQL connections. Implies _`sql_ssl`_ "
|
||||
"and _`sql_ssl_verify`_ options are set to 'true'. "
|
||||
"There is no default which means "
|
||||
"certificate verification is disabled.")}},
|
||||
"certificate verification is disabled. "
|
||||
"This option has no effect for MS SQL.")}},
|
||||
{sql_ssl_certfile,
|
||||
#{value => ?T("Path"),
|
||||
desc =>
|
||||
@ -1358,13 +1360,15 @@ doc() ->
|
||||
"for SSL connections to the SQL server. Implies _`sql_ssl`_ "
|
||||
"option is set to 'true'. There is no default which means "
|
||||
"ejabberd won't provide a client certificate to the SQL "
|
||||
"server.")}},
|
||||
"server. "
|
||||
"This option has no effect for MS SQL.")}},
|
||||
{sql_ssl_verify,
|
||||
#{value => "true | false",
|
||||
desc =>
|
||||
?T("Whether to verify SSL connection to the SQL server against "
|
||||
"CA root certificates defined in _`sql_ssl_cafile`_ option. "
|
||||
"Implies _`sql_ssl`_ option is set to 'true'. "
|
||||
"This option has no effect for MS SQL. "
|
||||
"The default value is 'false'.")}},
|
||||
{sql_start_interval,
|
||||
#{value => "timeout()",
|
||||
|
@ -1159,9 +1159,19 @@ db_opts(Host) ->
|
||||
SSLOpts = get_ssl_opts(Transport, Host),
|
||||
case Type of
|
||||
mssql ->
|
||||
[mssql, <<"DRIVER=ODBC;SERVER=", Server/binary, ";UID=", User/binary,
|
||||
";DATABASE=", DB/binary ,";PWD=", Pass/binary,
|
||||
";PORT=", (integer_to_binary(Port))/binary ,";CLIENT_CHARSET=UTF-8;">>, Timeout];
|
||||
case odbc_server_is_connstring(Server) of
|
||||
true ->
|
||||
[mssql, Server, Timeout];
|
||||
false ->
|
||||
Encryption = case Transport of
|
||||
tcp -> <<"">>;
|
||||
ssl -> <<";ENCRYPTION=require;ENCRYPT=yes">>
|
||||
end,
|
||||
[mssql, <<"DRIVER=ODBC;SERVER=", Server/binary, ";DATABASE=", DB/binary,
|
||||
";UID=", User/binary, ";PWD=", Pass/binary,
|
||||
";PORT=", (integer_to_binary(Port))/binary, Encryption/binary,
|
||||
";CLIENT_CHARSET=UTF-8;">>, Timeout]
|
||||
end;
|
||||
_ ->
|
||||
[Type, Server, Port, DB, User, Pass, Timeout, Transport, SSLOpts]
|
||||
end
|
||||
@ -1171,6 +1181,8 @@ warn_if_ssl_unsupported(tcp, _) ->
|
||||
ok;
|
||||
warn_if_ssl_unsupported(ssl, pgsql) ->
|
||||
ok;
|
||||
warn_if_ssl_unsupported(ssl, mssql) ->
|
||||
ok;
|
||||
warn_if_ssl_unsupported(ssl, mysql) ->
|
||||
ok;
|
||||
warn_if_ssl_unsupported(ssl, Type) ->
|
||||
@ -1203,7 +1215,7 @@ get_ssl_opts(ssl, Host) ->
|
||||
get_ssl_opts(tcp, _) ->
|
||||
[].
|
||||
|
||||
init_mssql(Host) ->
|
||||
init_mssql_odbcinst(Host) ->
|
||||
Driver = ejabberd_option:sql_odbc_driver(Host),
|
||||
ODBCINST = io_lib:fwrite("[ODBC]~n"
|
||||
"Driver = ~s~n", [Driver]),
|
||||
@ -1225,6 +1237,19 @@ init_mssql(Host) ->
|
||||
Err
|
||||
end.
|
||||
|
||||
init_mssql(Host) ->
|
||||
Server = ejabberd_option:sql_server(Host),
|
||||
case odbc_server_is_connstring(Server) of
|
||||
true -> ok;
|
||||
false -> init_mssql_odbcinst(Host)
|
||||
end.
|
||||
|
||||
odbc_server_is_connstring(Server) ->
|
||||
case binary:match(Server, <<"=">>) of
|
||||
nomatch -> false;
|
||||
_ -> true
|
||||
end.
|
||||
|
||||
write_file_if_new(File, Payload) ->
|
||||
case filelib:is_file(File) of
|
||||
true -> ok;
|
||||
|
Loading…
Reference in New Issue
Block a user