Skip to content

D
doctrine-dbal
Commit f347a83c authored by Steve Müller's avatar Steve Müller Committed by GitHub
Browse files
Options

Merge pull request #2570 from pgrau/patch-1 

Mysqli: Allow secure connections using SSL
parents 91d1eebf 78e58376
Hide whitespace changes
Inline Side-by-side
Showing with 71 additions and 1 deletion
docs/en/reference/configuration.rst
View file @ f347a83c
......@@ -235,6 +235,11 @@ mysqli
the database.
- ``charset`` (string): The charset used when connecting to the
database.
- ``ssl_key`` (string): The path name to the key file to use for SSL encryption.
- ``ssl_cert`` (string): The path name to the certificate file to use for SSL encryption.
- ``ssl_ca`` (string): The path name to the certificate authority file to use for SSL encryption.
- ``ssl_capath`` (string): The pathname to a directory that contains trusted SSL CA certificates in PEM format.
- ``ssl_cipher`` (string): A list of allowable ciphers to use for SSL encryption.
- ``driverOptions`` Any supported flags for mysqli found on `http://www.php.net/manual/en/mysqli.real-connect.php`
pdo\_pgsql
......
lib/Doctrine/DBAL/Driver/Mysqli/MysqliConnection.php
View file @ f347a83c
......@@ -63,6 +63,7 @@ class MysqliConnection implements Connection, PingableConnection, ServerInfoAwar
$this->_conn = mysqli_init();
$this->setSecureConnection($params);
$this->setDriverOptions($driverOptions);
set_error_handler(function () {});
......@@ -263,4 +264,35 @@ class MysqliConnection implements Connection, PingableConnection, ServerInfoAwar
{
return $this->_conn->ping();
}
/**
* Establish a secure connection
*
* @param array $params
* @throws MysqliException
*/
private function setSecureConnection(array $params)
{
if (! isset($params['ssl_key']) &&
! isset($params['ssl_cert']) &&
! isset($params['ssl_ca']) &&
! isset($params['ssl_capath']) &&
! isset($params['ssl_cipher'])
) {
return;
}
if (! isset($params['ssl_key']) || ! isset($params['ssl_cert'])) {
$msg = '"ssl_key" and "ssl_cert" parameters are mandatory when using secure connection parameters.';
throw new MysqliException($msg);
}
$this->_conn->ssl_set(
$params['ssl_key'],
$params['ssl_cert'],
$params['ssl_ca'] ?? null,
$params['ssl_capath'] ?? null,
$params['ssl_cipher'] ?? null
);
}
}
tests/Doctrine/Tests/DBAL/Driver/Mysqli/MysqliConnectionTest.php
View file @ f347a83c
......@@ -2,6 +2,8 @@
namespace Doctrine\Tests\DBAL\Driver\Mysqli;
use Doctrine\DBAL\Driver\Mysqli\MysqliConnection;
use Doctrine\DBAL\Driver\Mysqli\MysqliException;
use Doctrine\Tests\DbalTestCase;
class MysqliConnectionTest extends DbalTestCase
......@@ -21,7 +23,7 @@ class MysqliConnectionTest extends DbalTestCase
parent::setUp();
$this->connectionMock = $this->getMockBuilder('Doctrine\DBAL\Driver\Mysqli\MysqliConnection')
$this->connectionMock = $this->getMockBuilder(MysqliConnection::class)
->disableOriginalConstructor()
->getMockForAbstractClass();
}
......@@ -30,4 +32,35 @@ class MysqliConnectionTest extends DbalTestCase
{
$this->assertFalse($this->connectionMock->requiresQueryForServerVersion());
}
/**
* @dataProvider secureMissingParamsProvider
*/
public function testThrowsExceptionWhenMissingMandatorySecureParams(array $secureParams)
{
$this->expectException(MysqliException::class);
$msg = '"ssl_key" and "ssl_cert" parameters are mandatory when using secure connection parameters.';
$this->expectExceptionMessage($msg);
new MysqliConnection($secureParams, 'xxx', 'xxx');
}
public function secureMissingParamsProvider()
{
return [
[
['ssl_cert' => 'cert.pem']
],
[
['ssl_key' => 'key.pem']
],
[
['ssl_key' => 'key.pem', 'ssl_ca' => 'ca.pem', 'ssl_capath' => 'xxx', 'ssl_cipher' => 'xxx']
],
[
['ssl_ca' => 'ca.pem', 'ssl_capath' => 'xxx', 'ssl_cipher' => 'xxx']
]
];
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment