-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It looks like I may have to modify DBIx::SearchBuilder, in particular
‘Handle.pm’. This is in order to access my RT mysql database via SSL.
It seems that the only way to get perl DBD::mysql to use SSL may be to
provide a hashref in the connect call, something like this:
DBI->connect($dsn, $user, $pass,
{
mysql_read_default_file => “fully/qualified/path/to/my.cnf”
}
);
the DBD::mysql manpage lists this syntax also
$dsn = “DBI:mysql:test;mysql_read_default_file=/home/joe/my.cnf”;
If that works, you may be able to change RT::Handle::BuildDSN in
local/lib to do the right thing.
Kevin,
You’re right! In fact, I had noticed this a couple of weeks ago, but then
forgot about it.
As for fixing RT::Handle::BuildDSN, I don’t know how best to generalize it
to apply to all kinds of database drivers. But for mysql, I could do
something like this, I suppose:
First, define a new variable in RT_SiteConfig.pm, e.g.,
Set($MySQLClientConfigFile,‘/home/joe/my.cnf’);
Then, use it in RT::Handle::BuildDSN, e.g., perhaps like this:
! my $DBDriver = $RT::DatabaseType;
! $DBDriver .= “;mysql_read_default_file=$RT::DBClientConfigFile” if
! (defined $RT::MySQLClientConfigFile);
$self->SUPER::BuildDSN(Host => $RT::DatabaseHost,
Database => $RT::DatabaseName,
Port => $RT::DatabasePort,
! Driver => $DBDriver,
RequireSSL => $RT::DatabaseRequireSSL,
DisconnectHandleOnDestroy => 1
);
It would, I suppose, be best to make the fix more general, not so
mysql-specific. But I’m not in a position to do this right now.
Meanwhile, I’ll see if I have to do this. I’m waiting on word from my DB
guy who’s investigating the ins and outs of using mysql and SSL.
Can I create a modified DBIx::Searchbuilder in my RT ‘local/lib’, just
as if I were modifying an RT ‘lib’ module, even though
DBIx::Searchbuilder is installed in ‘site_perl’ and not in the RT tree?
RT runs with local/lib first in @INC, so that should work if needed. Of
course, it might be better to get a patch submitted and an official
release to support what you need.
It’s good to know the above will work, for future reference, even though
I’d rather not modify a non-RT module as part of RT maintenance.
Thanks.
Mike
Mike Friedman Information Services & Technology
mikef@ack.Berkeley.EDU 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
Socrates and Berkeley Scholars Web Hosting Services Have Been Retired | Web Platform Services http://ist.berkeley.edu
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQA/AwUBRiaZPK0bf1iNr4mCEQLyBQCfdopCVQrw7Be2t7SCPT5u3KimHCEAoOnR
Ipd+C09J5FEPhgaie/66CJct
=ATm2
-----END PGP SIGNATURE-----