diff options
author | Marcin Ćojewski <marcin.lojewski@mlojewski.me> | 2020-12-26 15:39:21 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-26 15:39:21 +0300 |
commit | 43d4088c55e53489b25c303b4e0637767514cc82 (patch) | |
tree | 158b879f7c23a44105cd0b0695b4a543895aedf2 | |
parent | d6cbc24dad48b8e5bfa30b1f4c80cc060a365ffc (diff) | |
parent | 204c5c5f0bc1efe907dc7a9be5be6960c2935240 (diff) |
Merge pull request #142 from fxmw11/master
MySQL over SSL
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | js/settings.js | 15 | ||||
-rw-r--r-- | lib/Constant/DB.php | 3 | ||||
-rw-r--r-- | lib/Controller/SettingsController.php | 18 | ||||
-rw-r--r-- | lib/Properties.php | 2 | ||||
-rw-r--r-- | lib/Query/DataQuery.php | 12 | ||||
-rw-r--r-- | templates/admin.php | 3 |
7 files changed, 53 insertions, 3 deletions
@@ -40,6 +40,9 @@ Name | Description | Details **Database** | The name of the database. | Mandatory. **Username** | The name of the user for the connection. | Optional. **Password** | The password of the user for the connection. | Optional. +**SSL CA** | The file path to the SSL certificate authority (relative to Nextcloud serverroot) | Optional.<br/>Requires: SQL driver *mysql*. +**SSL Certificate** | The file path to the SSL certificate (relative to Nextcloud serverroot) | Optional.<br/>Requires: SQL driver *mysql*. +**SSL Key** | The file path to the SSL key (relative to Nextcloud serverroot) | Optional.<br/>Requires: SQL driver *mysql*. **System wide values** | Place where database connection parameters are stored.<br/>- *true* - config.php (System wide values).<br/>- *false* - database (App values). | Optional.<br/>Default: *false*. #### Options diff --git a/js/settings.js b/js/settings.js index 07c3e41..a78359c 100644 --- a/js/settings.js +++ b/js/settings.js @@ -127,6 +127,21 @@ user_sql.adminSettingsUI = function () { cryptoChanged(); }; + $("#db-driver").change(function () { + var ssl_ca = $("#db-ssl_ca").parent().parent(); + var ssl_cert = $("#db-ssl_cert").parent().parent(); + var ssl_key = $("#db-ssl_key").parent().parent(); + if ($("#db-driver").val() === 'mysql') { + ssl_ca.show(); + ssl_cert.show(); + ssl_key.show(); + } else { + ssl_ca.hide(); + ssl_cert.hide(); + ssl_key.hide(); + } + }); + $("#user_sql-db_connection_verify").click(function (event) { return click(event, "/apps/user_sql/settings/db/verify"); }); diff --git a/lib/Constant/DB.php b/lib/Constant/DB.php index f3365bd..641674d 100644 --- a/lib/Constant/DB.php +++ b/lib/Constant/DB.php @@ -32,6 +32,9 @@ final class DB const DRIVER = "db.driver"; const HOSTNAME = "db.hostname"; const PASSWORD = "db.password"; + const SSL_CA = "db.ssl_ca"; + const SSL_CERT = "db.ssl_cert"; + const SSL_KEY = "db.ssl_key"; const USERNAME = "db.username"; const GROUP_TABLE = "db.table.group"; diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php index 6d83920..0e59261 100644 --- a/lib/Controller/SettingsController.php +++ b/lib/Controller/SettingsController.php @@ -146,6 +146,9 @@ class SettingsController extends Controller $dbDatabase = $this->request->getParam("db-database"); $dbUsername = $this->request->getParam("db-username"); $dbPassword = $this->request->getParam("db-password"); + $dbSSL_ca = $this->request->getParam("db-ssl_ca"); + $dbSSL_cert = $this->request->getParam("db-ssl_cert"); + $dbSSL_key = $this->request->getParam("db-ssl_key"); if (empty($dbDriver)) { throw new DatabaseException("No database driver specified."); @@ -160,9 +163,19 @@ class SettingsController extends Controller "password" => $dbPassword, "user" => $dbUsername, "dbname" => $dbDatabase, - "tablePrefix" => "" + "tablePrefix" => "", + "driverOptions" => array() ]; + if ($dbDriver == 'mysql') { + if ($dbSSL_ca) + $parameters["driverOptions"][\PDO::MYSQL_ATTR_SSL_CA] = \OC::$SERVERROOT.'/'.$dbSSL_ca; + if ($dbSSL_cert) + $parameters["driverOptions"][\PDO::MYSQL_ATTR_SSL_CERT] = \OC::$SERVERROOT.'/'.$dbSSL_cert; + if ($dbSSL_key) + $parameters["driverOptions"][\PDO::MYSQL_ATTR_SSL_KEY] = \OC::$SERVERROOT.'/'.$dbSSL_key; + } + $connection = $connectionFactory->getConnection($dbDriver, $parameters); $connection->executeQuery("SELECT 'user_sql'"); @@ -216,6 +229,9 @@ class SettingsController extends Controller unset($this->properties[DB::PASSWORD]); unset($this->properties[DB::USERNAME]); unset($this->properties[DB::DATABASE]); + unset($this->properties[DB::SSL_CA]); + unset($this->properties[DB::SSL_CERT]); + unset($this->properties[DB::SSL_KEY]); $this->properties[Opt::SAFE_STORE] = $safeStore; } diff --git a/lib/Properties.php b/lib/Properties.php index bd97d2c..d30ae1a 100644 --- a/lib/Properties.php +++ b/lib/Properties.php @@ -160,7 +160,7 @@ class Properties implements \ArrayAccess */ private function isSystemValue($param) { - return $this->safeStore && in_array($param, array(DB::HOSTNAME, DB::PASSWORD, DB::USERNAME, DB::DATABASE)); + return $this->safeStore && in_array($param, array(DB::HOSTNAME, DB::PASSWORD, DB::USERNAME, DB::DATABASE, DB::SSL_CA, DB::SSL_CERT, DB::SSL_KEY)); } /** diff --git a/lib/Query/DataQuery.php b/lib/Query/DataQuery.php index 55bef51..c71b464 100644 --- a/lib/Query/DataQuery.php +++ b/lib/Query/DataQuery.php @@ -145,9 +145,19 @@ class DataQuery "password" => $this->properties[DB::PASSWORD], "user" => $this->properties[DB::USERNAME], "dbname" => $this->properties[DB::DATABASE], - "tablePrefix" => "" + "tablePrefix" => "", + "driverOptions" => array() ); + if ($this->properties[DB::DRIVER] == 'mysql') { + if ($this->properties[DB::SSL_CA]) + $parameters["driverOptions"][\PDO::MYSQL_ATTR_SSL_CA] = \OC::$SERVERROOT.'/'.$this->properties[DB::SSL_CA]; + if ($this->properties[DB::SSL_CERT]) + $parameters["driverOptions"][\PDO::MYSQL_ATTR_SSL_CERT] = \OC::$SERVERROOT.'/'.$this->properties[DB::SSL_CERT]; + if ($this->properties[DB::SSL_KEY]) + $parameters["driverOptions"][\PDO::MYSQL_ATTR_SSL_KEY] = \OC::$SERVERROOT.'/'.$this->properties[DB::SSL_KEY]; + } + $this->connection = $connectionFactory->getConnection( $this->properties[DB::DRIVER], $parameters ); diff --git a/templates/admin.php b/templates/admin.php index 548d805..74772e7 100644 --- a/templates/admin.php +++ b/templates/admin.php @@ -100,6 +100,9 @@ function print_select_options( print_text_input($l, "db-database", "Database", $_["db.database"]); print_text_input($l, "db-username", "Username", $_["db.username"]); print_text_input($l, "db-password", "Password", $_["db.password"], "password"); + print_text_input($l, "db-ssl_ca", "SSL CA", $_["db.ssl_ca"]); + print_text_input($l, "db-ssl_cert", "SSL Certificate", $_["db.ssl_cert"]); + print_text_input($l, "db-ssl_key", "SSL Key", $_["db.ssl_key"]); print_checkbox_input($l, "opt-safe_store", "System wide values", $_["opt.safe_store"]); ?> <div class="button-right"> <input type="submit" id="user_sql-db_connection_verify" value="<?php p($l->t("Verify settings")); ?>"> |