diff --git a/reports/opendmarc-expire.in b/reports/opendmarc-expire.in index 326a5a38..b850e359 100755 --- a/reports/opendmarc-expire.in +++ b/reports/opendmarc-expire.in @@ -41,11 +41,13 @@ my $def_dbname = "opendmarc"; my $def_dbuser = "opendmarc"; my $def_dbpasswd = "opendmarc"; my $def_dbport = "3306"; +my $def_dbssl = 0; my $dbhost; my $dbname; my $dbuser; my $dbpasswd; my $dbport; +my $dbssl; my $dbscheme = "@SQL_BACKEND@"; @@ -66,6 +68,7 @@ sub usage print STDERR "\t--dbname=name database name [$def_dbname]\n"; print STDERR "\t--dbpasswd=passwd database password [$def_dbpasswd]\n"; print STDERR "\t--dbport=port database port [$def_dbport]\n"; + print STDERR "\t--dbssl access database over SSL [$def_dbssl]\n"; print STDERR "\t--dbuser=user database user [$def_dbuser]\n"; print STDERR "\t--expire=days expiration time, in days [$def_maxage]\n"; print STDERR "\t--help print help and exit\n"; @@ -79,6 +82,7 @@ my $opt_retval = &Getopt::Long::GetOptions ('alltables!' => \$alltables, 'dbname=s' => \$dbname, 'dbpasswd=s' => \$dbpasswd, 'dbport=s' => \$dbport, + 'dbssl!' => \$dbssl, 'dbuser=s' => \$dbuser, 'expire=i' => \$maxage, 'help!' => \$helponly, @@ -155,6 +159,18 @@ if (!defined($dbport)) } } +if (!defined($dbssl)) +{ + if (defined($ENV{'OPENDMARC_SSL'})) + { + $dbssl = $ENV{'OPENDMARC_SSL'}; + } + else + { + $dbssl = $def_dbssl; + } +} + if (!defined($dbuser)) { if (defined($ENV{'OPENDMARC_USER'})) @@ -196,7 +212,7 @@ if ($verbose) } my $dbi_dsn = "DBI:" . $dbscheme . ":database=" . $dbname . - ";host=" . $dbhost . ";port=" . $dbport; + ";host=" . $dbhost . ";port=" . $dbport . ";mysql_ssl=" . $dbssl; $dbi_h = DBI->connect($dbi_dsn, $dbuser, $dbpasswd, { PrintError => 0 }); if (!defined($dbi_h)) diff --git a/reports/opendmarc-import.8.in b/reports/opendmarc-import.8.in index 4e854ac9..96e49046 100644 --- a/reports/opendmarc-import.8.in +++ b/reports/opendmarc-import.8.in @@ -34,6 +34,11 @@ Specifies the TCP port on which the SQL server is expected to be listening. Defaults to the value of the environment variable OPENDMARC_PORT, or 3306 if the environment variable is not set. .TP +.I --dbssl +Specifies to use SSL/TLS to connect to SQL server. Defaults to the value +of the environment variable OPENDMARC_SSL or false if the environment +variable is not set. +.TP .I --dbuser=user Specifies the SQL user to be used to access the database. Defaults to the value of the environment variable OPENDMARC_USER, or "opendmarc" if diff --git a/reports/opendmarc-import.in b/reports/opendmarc-import.in index 3a2f404e..ece08345 100755 --- a/reports/opendmarc-import.in +++ b/reports/opendmarc-import.in @@ -35,6 +35,7 @@ my $def_dbname = "opendmarc"; my $def_dbuser = "opendmarc"; my $def_dbpasswd = "opendmarc"; my $def_dbport = "3306"; +my $def_dbssl = 0; my $def_interval = "86400"; my $def_inputfh = *STDIN; my $dbhost; @@ -42,6 +43,7 @@ my $dbname; my $dbuser; my $dbpasswd; my $dbport; +my $dbssl; my $inputfile; my $inputfh; @@ -420,6 +422,7 @@ sub usage print STDERR "\t--dbname=name database name [$def_dbname]\n"; print STDERR "\t--dbpasswd=passwd database password [$def_dbpasswd]\n"; print STDERR "\t--dbport=port database port [$def_dbport]\n"; + print STDERR "\t--dbssl access database over SSL [$def_dbssl]\n"; print STDERR "\t--dbuser=user database user [$def_dbuser]\n"; print STDERR "\t--input=file input file [STDIN]\n"; print STDERR "\t--help print help and exit\n"; @@ -432,6 +435,7 @@ my $opt_retval = &Getopt::Long::GetOptions ('dbhost=s' => \$dbhost, 'dbname=s' => \$dbname, 'dbpasswd=s' => \$dbpasswd, 'dbport=s' => \$dbport, + 'dbssl!' => \$dbssl, 'dbuser=s' => \$dbuser, 'input=s' => \$inputfile, 'help!' => \$helponly, @@ -508,6 +512,18 @@ if (!defined($dbport)) } } +if (!defined($dbssl)) +{ + if (defined($ENV{'OPENDMARC_SSL'})) + { + $dbssl = $ENV{'OPENDMARC_SSL'}; + } + else + { + $dbssl = $def_dbssl; + } +} + if (!defined($dbuser)) { if (defined($ENV{'OPENDMARC_USER'})) @@ -544,7 +560,7 @@ if (!flock($inputfh, LOCK_SH)) } my $dbi_dsn = "DBI:" . $dbscheme . ":database=" . $dbname . - ";host=" . $dbhost . ";port=" . $dbport; + ";host=" . $dbhost . ";port=" . $dbport . ";mysql_ssl=" . $dbssl; $dbi_h = DBI->connect($dbi_dsn, $dbuser, $dbpasswd, { PrintError => 0 }); if (!defined($dbi_h)) diff --git a/reports/opendmarc-params.in b/reports/opendmarc-params.in index b74bcdf5..58c7dbde 100755 --- a/reports/opendmarc-params.in +++ b/reports/opendmarc-params.in @@ -33,11 +33,13 @@ my $def_dbname = "opendmarc"; my $def_dbuser = "opendmarc"; my $def_dbpasswd = "opendmarc"; my $def_dbport = "3306"; +my $def_dbssl = 0; my $dbhost; my $dbname; my $dbuser; my $dbpasswd; my $dbport; +my $dbssl; my $dbscheme = "@SQL_BACKEND@"; @@ -131,6 +133,7 @@ sub usage print STDERR "\t--dbname=name database name [$def_dbname]\n"; print STDERR "\t--dbpasswd=passwd database password [$def_dbpasswd]\n"; print STDERR "\t--dbport=port database port [$def_dbport]\n"; + print STDERR "\t--dbssl access database over SSL [$def_dbssl]\n"; print STDERR "\t--dbuser=user database user [$def_dbuser]\n"; print STDERR "\t--rua=string aggregate report URI(s)\n"; print STDERR "\t--help print help and exit\n"; @@ -144,6 +147,7 @@ my $opt_retval = &Getopt::Long::GetOptions ('dbhost=s' => \$dbhost, 'dbname=s' => \$dbname, 'dbpasswd=s' => \$dbpasswd, 'dbport=s' => \$dbport, + 'dbssl!' => \$dbssl, 'dbuser=s' => \$dbuser, 'help!' => \$helponly, 'rua=s' => \$rua, @@ -223,6 +227,18 @@ if (!defined($dbport)) } } +if (!defined($dbssl)) +{ + if (defined($ENV{'OPENDMARC_SSL'})) + { + $dbssl = $ENV{'OPENDMARC_SSL'}; + } + else + { + $dbssl = $def_dbssl; + } +} + if (!defined($dbuser)) { if (defined($ENV{'OPENDMARC_USER'})) @@ -241,7 +257,7 @@ if ($verbose) } my $dbi_dsn = "DBI:" . $dbscheme . ":database=" . $dbname . - ";host=" . $dbhost . ";port=" . $dbport; + ";host=" . $dbhost . ";port=" . $dbport . ";mysql_ssl=" . $dbssl; $dbi_h = DBI->connect($dbi_dsn, $dbuser, $dbpasswd, { PrintError => 0 }); if (!defined($dbi_h)) diff --git a/reports/opendmarc-reports.8.in b/reports/opendmarc-reports.8.in index 3c8f1a3f..65d4ebeb 100644 --- a/reports/opendmarc-reports.8.in +++ b/reports/opendmarc-reports.8.in @@ -42,6 +42,11 @@ Specifies the TCP port on which the SQL server is expected to be listening. Defaults to the value of the environment variable OPENDMARC_PORT, or 3306 if the environment variable is not set. .TP +.I --dbssl +Specifies to use SSL/TLS to connect to SQL server. Defaults to the value +of the environment variable OPENDMARC_SSL or false if the environment +variable is not set. +.TP .I --dbuser=user Specifies the SQL user to be used to access the database. Defaults to the value of the environment variable OPENDMARC_USER, or "opendmarc" if diff --git a/reports/opendmarc-reports.in b/reports/opendmarc-reports.in index 69a2194b..1ba924f5 100755 --- a/reports/opendmarc-reports.in +++ b/reports/opendmarc-reports.in @@ -127,12 +127,14 @@ my $def_dbname = "opendmarc"; my $def_dbuser = "opendmarc"; my $def_dbpasswd = "opendmarc"; my $def_dbport = "3306"; +my $def_dbssl = 0; my $def_interval = "86400"; my $dbhost; my $dbname; my $dbuser; my $dbpasswd; my $dbport; +my $dbssl; my $dbscheme = "@SQL_BACKEND@"; @@ -157,6 +159,7 @@ sub usage print STDERR "\t--dbname=name database name [$def_dbname]\n"; print STDERR "\t--dbpasswd=passwd database password [$def_dbpasswd]\n"; print STDERR "\t--dbport=port database port [$def_dbport]\n"; + print STDERR "\t--dbssl access database over SSL [$def_dbssl]\n"; print STDERR "\t--dbuser=user database user [$def_dbuser]\n"; print STDERR "\t--domain=name force a report for named domain\n"; print STDERR "\t--help print help and exit\n"; @@ -186,6 +189,7 @@ my $opt_retval = &Getopt::Long::GetOptions ('day!' => \$daybound, 'dbname=s' => \$dbname, 'dbpasswd=s' => \$dbpasswd, 'dbport=s' => \$dbport, + 'dbssl!' => \$dbssl, 'dbuser=s' => \$dbuser, 'domain=s' => \$forcedomain, 'help!' => \$helponly, @@ -272,6 +276,18 @@ if (!defined($dbport)) } } +if (!defined($dbssl)) +{ + if (defined($ENV{'OPENDMARC_SSL'})) + { + $dbssl = $ENV{'OPENDMARC_SSL'}; + } + else + { + $dbssl = $def_dbssl; + } +} + if (!defined($dbuser)) { if (defined($ENV{'OPENDMARC_USER'})) @@ -304,7 +320,7 @@ if ($verbose) } my $dbi_dsn = "DBI:" . $dbscheme . ":database=" . $dbname . - ";host=" . $dbhost . ";port=" . $dbport; + ";host=" . $dbhost . ";port=" . $dbport . ";mysql_ssl=" . $dbssl; $dbi_h = DBI->connect($dbi_dsn, $dbuser, $dbpasswd, { PrintError => 0 }); if (!defined($dbi_h))