From aa81bb8cd6f3d1e0d6818a50a500d22dd249b679 Mon Sep 17 00:00:00 2001 From: Klas Lindfors Date: Thu, 1 Apr 2021 14:49:11 +0200 Subject: [PATCH] sql: add mysql_port configuration --- pam_yubico.8.txt | 3 +++ pam_yubico.c | 10 +++++++--- util.c | 3 ++- util.h | 4 +++- 4 files changed, 15 insertions(+), 5 deletions(-) diff --git a/pam_yubico.8.txt b/pam_yubico.8.txt index 45bd6b7..625f677 100644 --- a/pam_yubico.8.txt +++ b/pam_yubico.8.txt @@ -119,6 +119,9 @@ Path of a system-wide directory where challenge-response files can be found for *mysql_server*=_mysqlserver_:: Hostname/Adress of mysql server. Example 10.0.0.1 +*mysql_port*=_mysqlport_:: +Network port of mysql server. + *mysql_user*=_mysqluser_:: User for accessing to the database. Strongly recommended to use a specific user with read only access. diff --git a/pam_yubico.c b/pam_yubico.c index 899dc5b..7cba801 100644 --- a/pam_yubico.c +++ b/pam_yubico.c @@ -135,6 +135,7 @@ struct cfg const char *yubi_attr; const char *yubi_attr_prefix; const char *mysql_server; + int mysql_port; const char *mysql_user; const char *mysql_password; const char *mysql_database; @@ -176,7 +177,7 @@ authorize_user_token (struct cfg *cfg, as an argument for this module. */ DBG ("Using Mariadb or Mysql Database"); - retval = check_user_token_mysql(cfg->mysql_server, cfg->mysql_user, cfg->mysql_password, cfg->mysql_database, username, otp_id, cfg->debug, cfg->debug_file); + retval = check_user_token_mysql(cfg->mysql_server, cfg->mysql_port, cfg->mysql_user, cfg->mysql_password, cfg->mysql_database, username, otp_id, cfg->debug, cfg->debug_file); #else DBG (("Trying to use MYSQL, but this function is not compiled in pam_yubico!!")); #endif @@ -892,9 +893,11 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) cfg->chalresp_path = argv[i] + 14; if (strncmp (argv[i], "mysql_server=", 13) == 0) cfg->mysql_server = argv[i] + 13; - if (strncmp (argv[i], "mysql_user=", 11) == 0) + if (strncmp (argv[i], "mysql_port=", 11) == 0) + sscanf (argv[i], "mysql_port=%u", &cfg->mysql_port); + if (strncmp (argv[i], "mysql_user=", 11) == 0) cfg->mysql_user = argv[i] + 11; - if (strncmp (argv[i], "mysql_password=", 15) == 0) + if (strncmp (argv[i], "mysql_password=", 15) == 0) cfg->mysql_password = argv[i] + 15; if (strncmp (argv[i], "mysql_database=", 15) == 0) cfg->mysql_database = argv[i] + 15; @@ -965,6 +968,7 @@ parse_cfg (int flags, int argc, const char **argv, struct cfg *cfg) DBG ("mode=%s", cfg->mode == CLIENT ? "client" : "chresp" ); DBG ("chalresp_path=%s", cfg->chalresp_path ? cfg->chalresp_path : "(null)"); DBG ("mysql_server=%s", cfg->mysql_server ? cfg->mysql_server : "(null)"); + DBG ("mysql_port=%d", cfg->mysql_port); DBG ("mysql_user=%s", cfg->mysql_user ? cfg->mysql_user : "(null)"); DBG ("mysql_database=%s", cfg->mysql_database ? cfg->mysql_database : "(null)"); diff --git a/util.c b/util.c index 5582aab..d157678 100644 --- a/util.c +++ b/util.c @@ -114,6 +114,7 @@ get_user_cfgfile_path(const char *common_path, const char *filename, const struc */ int check_user_token_mysql(const char *mysql_server, + int mysql_port, const char *mysql_user, const char *mysql_password, const char *mysql_database, @@ -152,7 +153,7 @@ check_user_token_mysql(const char *mysql_server, return retval; } - if(mysql_real_connect(con, mysql_server,mysql_user,mysql_password,mysql_database, 0, NULL, 0) == NULL) + if(mysql_real_connect(con, mysql_server,mysql_user,mysql_password,mysql_database, mysql_port, NULL, 0) == NULL) { if(verbose) D (debug_file, "Connection failed ..."); diff --git a/util.h b/util.h index fbf5397..3a36978 100644 --- a/util.h +++ b/util.h @@ -52,7 +52,9 @@ int get_user_cfgfile_path(const char *common_path, const char *filename, const struct passwd *user, char **fn); #ifdef HAVE_MYSQL -int check_user_token_mysql(const char *mysql_server,const char *mysql_user,const char *mysql_password,const char *mysql_database,const char *username,const char *otp_id,int verbose,FILE *debug_file); +int check_user_token_mysql(const char *mysql_server, int mysql_port, const char *mysql_user, + const char *mysql_password, const char *mysql_database, const char *username, const char *otp_id, int verbose, + FILE *debug_file); #endif int check_user_token(const char *authfile, const char *username, const char *otp_id, int verbose, FILE *debug_file);