tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DbResourceForm: Don't show SSL form elements by default 

Addded additionally a check for PHP 5.4 so that these elements
are not shown for earlier versions.

refs #11115
This commit is contained in:
Johannes Meyer 2016-05-27 15:45:22 +02:00
parent 5e7817cad2
commit b759ab6f5a
4 changed files with 92 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
application/forms/Config/Resource/DbResourceForm.php
View File

@ -42,6 +42,8 @@ class DbResourceForm extends Form
if (Platform::hasOciSupport()) {
$dbChoices['oci'] = 'Oracle (OCI8)';
}
$encryptionChoices = array();
$offerPostgres = false;
$offerMysql = false;
if (isset($formData['db'])) {
@ -49,6 +51,9 @@ class DbResourceForm extends Form
$offerPostgres = true;
} elseif ($formData['db'] === 'mysql') {
$offerMysql = true;
if (version_compare(Platform::getPhpVersion(), '5.4.0', '>=')) {
$encryptionChoices['ssl'] = 'SSL';
}
}
} else {
$dbChoice = key($dbChoices);
@ -56,8 +61,12 @@ class DbResourceForm extends Form
$offerPostgres = true;
} elseif ($dbChoice === 'mysql') {
$offerMysql = true;
if (version_compare(Platform::getPhpVersion(), '5.4.0', '>=')) {
$encryptionChoices['ssl'] = 'SSL';
}
}
}
$socketInfo = '';
if ($offerPostgres) {
$socketInfo = $this->translate(
@ -68,6 +77,7 @@ class DbResourceForm extends Form
'For using unix domain sockets, specify localhost'
);
}
$this->addElement(
'text',
'name',
@ -138,52 +148,66 @@ class DbResourceForm extends Form
'description' => $this->translate('The password to use for authentication')
)
);
if ($offerMysql) {
if (! empty($encryptionChoices)) {
$this->addElement(
'text',
'ssl_key',
'select',
'encryption',
array(
'required' => false,
'label' => $this->translate('SSL Key'),
'description' => $this->translate('The SSL client key file path')
)
);
$this->addElement(
'text',
'ssl_cert',
array(
'required' => false,
'label' => $this->translate('SSL Certificate'),
'description' => $this->translate('The SSL certificate file path')
)
);
$this->addElement(
'text',
'ssl_ca',
array(
'required' => false,
'label' => $this->translate('SSL CA'),
'description' => $this->translate('The SSL Certificate Authority certificate file path')
)
);
$this->addElement(
'text',
'ssl_capath',
array(
'required' => false,
'label' => $this->translate('SSL CA Path'),
'description' => $this->translate('The SSL trusted SSL CA certificates in PEM format directory path')
)
);
$this->addElement(
'text',
'ssl_cipher',
array(
'required' => false,
'label' => $this->translate('SSL Cipher'),
'description' => $this->translate('The SSL list of permissible ciphers')
'autosubmit' => true,
'label' => $this->translate('Encryption'),
'description' => $this->translate(
'Whether to encrypt the connection or to authenticate using certificates'
),
'multiOptions' => array_merge(
array('none' => $this->translate('None', 'db connection encryption')),
$encryptionChoices
)
)
);
if (isset($formData['encryption']) && $formData['encryption'] === 'ssl') {
$this->addElement(
'text',
'ssl_key',
array(
'label' => $this->translate('SSL Key'),
'description' => $this->translate('The client key file path')
)
);
$this->addElement(
'text',
'ssl_cert',
array(
'label' => $this->translate('SSL Certificate'),
'description' => $this->translate('The certificate file path')
)
);
$this->addElement(
'text',
'ssl_ca',
array(
'label' => $this->translate('SSL CA'),
'description' => $this->translate('The CA certificate file path')
)
);
$this->addElement(
'text',
'ssl_capath',
array(
'label' => $this->translate('SSL CA Path'),
'description' => $this->translate(
'The trusted CA certificates in PEM format directory path'
)
)
);
$this->addElement(
'text',
'ssl_cipher',
array(
'label' => $this->translate('SSL Cipher'),
'description' => $this->translate('The list of permissible ciphers')
)
);
}
}
$this->addElement(
'text',

8
library/Icinga/Data/Db/DbConnection.php
View File

@ -143,13 +143,7 @@ class DbConnection implements Selectable, Extensible, Updatable, Reducible, Insp
break;
case 'mysql':
$adapter = 'Pdo_Mysql';
// If any SSL options are set, add them to driver_options
if ($this->config->ssl_key
|| $this->config->ssl_cert
|| $this->config->ssl_ca
|| $this->config->ssl_capath
|| $this->config->ssl_cipher
) {
if ($this->config->encryption === 'ssl') {
# The presence of these keys as empty strings or null cause non-ssl connections to fail
if ($this->config->ssl_key) {
$adapterParamaters['driver_options'][PDO::MYSQL_ATTR_SSL_KEY] = $this->config->ssl_key;

26
modules/monitoring/library/Monitoring/BackendStep.php
View File

@ -113,29 +113,43 @@ class BackendStep extends Step
. '<td><strong>' . t('Password') . '</strong></td>'
. '<td>' . str_repeat('*', strlen($this->data['resourceConfig']['password'])) . '</td>'
. '</tr>';
if ($this->data['resourceConfig']['db'] === 'mysql') {
if (isset($this->data['resourceConfig']['ssl_key']) && $this->data['resourceConfig']['ssl_key']) {
$resourceHtml .= ''
.'<tr>'
. '<td><strong>' . t('SSL Key') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_key'] . '</td>'
. '</tr>'
. '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_cert']) && $this->data['resourceConfig']['ssl_cert']) {
$resourceHtml .= ''
. '<tr>'
. '<td><strong>' . t('SSL Cert') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_cert'] . '</td>'
. '</tr>'
. '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_ca']) && $this->data['resourceConfig']['ssl_ca']) {
$resourceHtml .= ''
. '<tr>'
. '<td><strong>' . t('CA') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_ca'] . '</td>'
. '</tr>'
. '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_capath']) && $this->data['resourceConfig']['ssl_capath']) {
$resourceHtml .= ''
. '<tr>'
. '<td><strong>' . t('CA Path') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_capath'] . '</td>'
. '</tr>'
. '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_cipher']) && $this->data['resourceConfig']['ssl_cipher']) {
$resourceHtml .= ''
. '<tr>'
. '<td><strong>' . t('Cipher') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_cipher'] . '</td>'
. '</tr>';
};
}
$resourceHtml .= ''
. '</tbody>'
. '</table>';

17
modules/setup/library/Setup/Utils/DbTool.php
View File

@ -262,12 +262,7 @@ class DbTool
);
if ($this->config['db'] === 'mysql') {
if ($this->config['ssl_key']
|| $this->config['ssl_cert']
|| $this->config['ssl_ca']
|| $this->config['ssl_capath']
|| $this->config['ssl_cipher']
) {
if (isset($this->config['encryption']) && $this->config['encryption'] === 'ssl') {
$this->config['driver_options'] = array();
# The presence of these keys as empty strings or null cause non-ssl connections to fail
if ($this->config['ssl_key']) {
@ -315,12 +310,10 @@ class DbTool
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
);
if ($this->config['db'] == 'mysql'
&& ($this->config['ssl_key']
|| $this->config['ssl_cert']
|| $this->config['ssl_ca']
|| $this->config['ssl_capath']
|| $this->config['ssl_cipher'])
if (
$this->config['db'] === 'mysql'
&& isset($this->config['encryption'])
&& $this->config['encryption'] === 'ssl'
) {
# The presence of these keys as empty strings or null cause non-ssl connections to fail
if ($this->config['ssl_key']) {