mirror of
https://github.com/Froxlor/Froxlor.git
synced 2024-09-21 18:37:30 +00:00
feat: adds mysql tls support (#979)
This commit is contained in:
Nick Ufer
GitHub
parent
7feddf0aec
commit
7ccbb37c4e
@ -168,6 +168,8 @@ class FroxlorInstall
|
||||
$this->_getPostField('mysql_unpriv_pass');
|
||||
$this->_getPostField('mysql_root_user', 'root');
|
||||
$this->_getPostField('mysql_root_pass');
|
||||
$this->_getPostField('mysql_ssl_ca_file');
|
||||
$this->_getPostField('mysql_ssl_verify_server_certificate', 0);
|
||||
$this->_getPostField('admin_user', 'admin');
|
||||
$this->_getPostField('admin_pass1');
|
||||
$this->_getPostField('admin_pass2');
|
||||
@ -213,6 +215,12 @@ class FroxlorInstall
|
||||
$options = array(
|
||||
'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8'
|
||||
);
|
||||
|
||||
if (!empty($this->_data['mysql_ssl_ca_file'])) {
|
||||
$options[\PDO::MYSQL_ATTR_SSL_CA] = $this->_data['mysql_ssl_ca_file'];
|
||||
$options[\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) $this->_data['mysql_ssl_verify_server_certificate'];
|
||||
}
|
||||
|
||||
$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";";
|
||||
$fatal_fail = false;
|
||||
try {
|
||||
@ -258,6 +266,12 @@ class FroxlorInstall
|
||||
$options = array(
|
||||
'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8'
|
||||
);
|
||||
|
||||
if (!empty($this->_data['mysql_ssl_ca_file'])) {
|
||||
$options[\PDO::MYSQL_ATTR_SSL_CA] = $this->_data['mysql_ssl_ca_file'];
|
||||
$options[\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) $this->_data['mysql_ssl_verify_server_certificate'];
|
||||
}
|
||||
|
||||
$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
|
||||
$another_fail = false;
|
||||
try {
|
||||
@ -327,10 +341,14 @@ class FroxlorInstall
|
||||
$userdata .= "\$sql['user']='" . addcslashes($this->_data['mysql_unpriv_user'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql['password']='" . addcslashes($this->_data['mysql_unpriv_pass'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql['db']='" . addcslashes($this->_data['mysql_database'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql['ssl']['caFile']='" . addcslashes($this->_data['mysql_ssl_ca_file'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql['ssl']['verifyServerCertificate']='" . addcslashes($this->_data['mysql_ssl_verify_server_certificate'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql_root[0]['caption']='Default';\n";
|
||||
$userdata .= "\$sql_root[0]['host']='" . addcslashes($this->_data['mysql_host'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql_root[0]['user']='" . addcslashes($this->_data['mysql_root_user'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql_root[0]['password']='" . addcslashes($this->_data['mysql_root_pass'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql_root[0]['ssl']['caFile']='" . addcslashes($this->_data['mysql_ssl_ca_file'], "'\\") . "';\n";
|
||||
$userdata .= "\$sql_root[0]['ssl']['verifyServerCertificate']='" . addcslashes($this->_data['mysql_ssl_verify_server_certificate'], "'\\") . "';\n";
|
||||
$userdata .= "// enable debugging to browser in case of SQL errors\n";
|
||||
$userdata .= "\$sql['debug'] = false;\n";
|
||||
$userdata .= "?>";
|
||||
@ -582,6 +600,12 @@ class FroxlorInstall
|
||||
$options = array(
|
||||
'PDO::MYSQL_ATTR_INIT_COMMAND' => 'SET names utf8'
|
||||
);
|
||||
|
||||
if (!empty($this->_data['mysql_ssl_ca_file'])) {
|
||||
$options[\PDO::MYSQL_ATTR_SSL_CA] = $this->_data['mysql_ssl_ca_file'];
|
||||
$options[\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) $this->_data['mysql_ssl_verify_server_certificate'];
|
||||
}
|
||||
|
||||
$dsn = "mysql:host=" . $this->_data['mysql_host'] . ";dbname=" . $this->_data['mysql_database'] . ";";
|
||||
$fatal_fail = false;
|
||||
try {
|
||||
@ -875,6 +899,9 @@ class FroxlorInstall
|
||||
}
|
||||
$formdata .= $this->_getSectionItemString('mysql_root_pass', true, $style, 'password');
|
||||
|
||||
$formdata .= $this->_getSectionItemString('mysql_ssl_ca_file', false, $style);
|
||||
$formdata .= $this->_getSectionItemYesNo('mysql_ssl_verify_server_certificate', false, $style);
|
||||
|
||||
/**
|
||||
* admin data
|
||||
*/
|
||||
|
||||
@ -58,6 +58,8 @@ $lng['install']['mysql_unpriv_user'] = 'Username for the unprivileged MySQL-acco
|
||||
$lng['install']['mysql_unpriv_pass'] = 'Password for the unprivileged MySQL-account';
|
||||
$lng['install']['mysql_root_user'] = 'Username for the MySQL-root-account';
|
||||
$lng['install']['mysql_root_pass'] = 'Password for the MySQL-root-account';
|
||||
$lng['install']['mysql_ssl_ca_file'] = 'MySQL server certificate file path';
|
||||
$lng['install']['mysql_ssl_verify_server_certificate'] = 'Verify MySQL TLS certificate';
|
||||
$lng['install']['admin_account'] = 'Administrator Account';
|
||||
$lng['install']['admin_user'] = 'Administrator Username';
|
||||
$lng['install']['admin_pass1'] = 'Administrator Password';
|
||||
|
||||
@ -58,6 +58,8 @@ $lng['install']['mysql_unpriv_user'] = 'Benutzername für den unprivilegierten M
|
||||
$lng['install']['mysql_unpriv_pass'] = 'Passwort für den unprivilegierten MySQL-Account';
|
||||
$lng['install']['mysql_root_user'] = 'Benutzername für den MySQL-Root-Account';
|
||||
$lng['install']['mysql_root_pass'] = 'Passwort für den MySQL-Root-Account';
|
||||
$lng['install']['mysql_ssl_ca_file'] = 'MySQL-Server Zertifikatspfad';
|
||||
$lng['install']['mysql_ssl_verify_server_certificate'] = 'Validieren des MySQL-Server Zertifikats';
|
||||
$lng['install']['admin_account'] = 'Admin-Zugang';
|
||||
$lng['install']['admin_user'] = 'Administrator-Benutzername';
|
||||
$lng['install']['admin_pass1'] = 'Administrator-Passwort';
|
||||
|
||||
@ -279,6 +279,8 @@ class Database
|
||||
$host = $sql_root[self::$dbserver]['host'];
|
||||
$socket = isset($sql_root[self::$dbserver]['socket']) ? $sql_root[self::$dbserver]['socket'] : null;
|
||||
$port = isset($sql_root[self::$dbserver]['port']) ? $sql_root[self::$dbserver]['port'] : '3306';
|
||||
$sslCAFile = $sql_root[self::$dbserver]['ssl']['caFile'] ?? "";
|
||||
$sslVerifyServerCertificate = $sql_root[self::$dbserver]['ssl']['verifyServerCertificate'] ?? false;
|
||||
} else {
|
||||
$caption = 'localhost';
|
||||
$user = $sql["user"];
|
||||
@ -286,6 +288,8 @@ class Database
|
||||
$host = $sql["host"];
|
||||
$socket = isset($sql['socket']) ? $sql['socket'] : null;
|
||||
$port = isset($sql['port']) ? $sql['port'] : '3306';
|
||||
$sslCAFile = $sql['ssl']['caFile'] ?? "";
|
||||
$sslVerifyServerCertificate = $sql['ssl']['verifyServerCertificate'] ?? false;
|
||||
}
|
||||
|
||||
// save sql-access-data if needed
|
||||
@ -297,7 +301,9 @@ class Database
|
||||
'port' => $port,
|
||||
'socket' => $socket,
|
||||
'db' => $sql["db"],
|
||||
'caption' => $caption
|
||||
'caption' => $caption,
|
||||
'ssl_ca_file' => $sslCAFile,
|
||||
'ssl_verify_server_certificate' => $sslVerifyServerCertificate
|
||||
);
|
||||
}
|
||||
|
||||
@ -321,6 +327,11 @@ class Database
|
||||
} else {
|
||||
$dbconf["dsn"]['host'] = $host;
|
||||
$dbconf["dsn"]['port'] = $port;
|
||||
|
||||
if (!empty(self::$sqldata['ssl_ca_file'])) {
|
||||
$options[\PDO::MYSQL_ATTR_SSL_CA] = self::$sqldata['ssl_ca_file'];
|
||||
$options[\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) self::$sqldata['ssl_verify_server_certificate'];
|
||||
}
|
||||
}
|
||||
|
||||
self::$dbname = $sql["db"];
|
||||
|
||||
@ -62,6 +62,11 @@ class PowerDNS
|
||||
} else {
|
||||
$dbconf["dsn"]['host'] = $mysql_data['gmysql-host'];
|
||||
$dbconf["dsn"]['port'] = $mysql_data['gmysql-port'];
|
||||
|
||||
if (!empty($mysql_data['gmysql-ssl-ca-file'])) {
|
||||
$options[\PDO::MYSQL_ATTR_SSL_CA] = $mysql_data['gmysql-ssl-ca-file'];
|
||||
$options[\PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = (bool) $mysql_data['gmysql-ssl-verify-server-certificate'];
|
||||
}
|
||||
}
|
||||
|
||||
// add options to dsn-string
|
||||
|
||||
Loading…
Reference in New Issue
Block a user