tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-28 00:04:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

DbResourceForm: Don't show SSL form elements by default

Browse Source 
Addded additionally a check for PHP 5.4 so that these elements
are not shown for earlier versions.

refs #11115
This commit is contained in:
Johannes Meyer 2016-05-27 15:45:22 +02:00
parent 5e7817cad2
commit b759ab6f5a
4 changed files with 92 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
application/forms/Config/Resource/DbResourceForm.php
View File

@ -42,6 +42,8 @@ class DbResourceForm extends Form
if (Platform::hasOciSupport()) { if (Platform::hasOciSupport()) {
$dbChoices['oci'] = 'Oracle (OCI8)'; $dbChoices['oci'] = 'Oracle (OCI8)';
} }
$encryptionChoices = array();
$offerPostgres = false; $offerPostgres = false;
$offerMysql = false; $offerMysql = false;
if (isset($formData['db'])) { if (isset($formData['db'])) {
@ -49,6 +51,9 @@ class DbResourceForm extends Form
$offerPostgres = true; $offerPostgres = true;
} elseif ($formData['db'] === 'mysql') { } elseif ($formData['db'] === 'mysql') {
$offerMysql = true; $offerMysql = true;
if (version_compare(Platform::getPhpVersion(), '5.4.0', '>=')) {
$encryptionChoices['ssl'] = 'SSL';
}
} }
} else { } else {
$dbChoice = key($dbChoices); $dbChoice = key($dbChoices);
@ -56,8 +61,12 @@ class DbResourceForm extends Form
$offerPostgres = true; $offerPostgres = true;
} elseif ($dbChoice === 'mysql') { } elseif ($dbChoice === 'mysql') {
$offerMysql = true; $offerMysql = true;
if (version_compare(Platform::getPhpVersion(), '5.4.0', '>=')) {
$encryptionChoices['ssl'] = 'SSL';
}
} }
} }
$socketInfo = ''; $socketInfo = '';
if ($offerPostgres) { if ($offerPostgres) {
$socketInfo = $this->translate( $socketInfo = $this->translate(
@ -68,6 +77,7 @@ class DbResourceForm extends Form
'For using unix domain sockets, specify localhost' 'For using unix domain sockets, specify localhost'
); );
} }
$this->addElement( $this->addElement(
'text', 'text',
'name', 'name',
@ -138,52 +148,66 @@ class DbResourceForm extends Form
'description' => $this->translate('The password to use for authentication') 'description' => $this->translate('The password to use for authentication')
) )
); );
if ($offerMysql) { if (! empty($encryptionChoices)) {
$this->addElement( $this->addElement(
'text', 'select',
'ssl_key', 'encryption',
array( array(
'required' => false, 'autosubmit' => true,
'label' => $this->translate('SSL Key'), 'label' => $this->translate('Encryption'),
'description' => $this->translate('The SSL client key file path') 'description' => $this->translate(
) 'Whether to encrypt the connection or to authenticate using certificates'
); ),
$this->addElement( 'multiOptions' => array_merge(
'text', array('none' => $this->translate('None', 'db connection encryption')),
'ssl_cert', $encryptionChoices
array( )
'required' => false,
'label' => $this->translate('SSL Certificate'),
'description' => $this->translate('The SSL certificate file path')
)
);
$this->addElement(
'text',
'ssl_ca',
array(
'required' => false,
'label' => $this->translate('SSL CA'),
'description' => $this->translate('The SSL Certificate Authority certificate file path')
)
);
$this->addElement(
'text',
'ssl_capath',
array(
'required' => false,
'label' => $this->translate('SSL CA Path'),
'description' => $this->translate('The SSL trusted SSL CA certificates in PEM format directory path')
)
);
$this->addElement(
'text',
'ssl_cipher',
array(
'required' => false,
'label' => $this->translate('SSL Cipher'),
'description' => $this->translate('The SSL list of permissible ciphers')
) )
); );
if (isset($formData['encryption']) && $formData['encryption'] === 'ssl') {
$this->addElement(
'text',
'ssl_key',
array(
'label' => $this->translate('SSL Key'),
'description' => $this->translate('The client key file path')
)
);
$this->addElement(
'text',
'ssl_cert',
array(
'label' => $this->translate('SSL Certificate'),
'description' => $this->translate('The certificate file path')
)
);
$this->addElement(
'text',
'ssl_ca',
array(
'label' => $this->translate('SSL CA'),
'description' => $this->translate('The CA certificate file path')
)
);
$this->addElement(
'text',
'ssl_capath',
array(
'label' => $this->translate('SSL CA Path'),
'description' => $this->translate(
'The trusted CA certificates in PEM format directory path'
)
)
);
$this->addElement(
'text',
'ssl_cipher',
array(
'label' => $this->translate('SSL Cipher'),
'description' => $this->translate('The list of permissible ciphers')
)
);
}
} }
$this->addElement( $this->addElement(
'text', 'text',

8
library/Icinga/Data/Db/DbConnection.php
View File

@ -143,13 +143,7 @@ class DbConnection implements Selectable, Extensible, Updatable, Reducible, Insp
break; break;
case 'mysql': case 'mysql':
$adapter = 'Pdo_Mysql'; $adapter = 'Pdo_Mysql';
// If any SSL options are set, add them to driver_options if ($this->config->encryption === 'ssl') {
if ($this->config->ssl_key
|| $this->config->ssl_cert
|| $this->config->ssl_ca
|| $this->config->ssl_capath
|| $this->config->ssl_cipher
) {
# The presence of these keys as empty strings or null cause non-ssl connections to fail # The presence of these keys as empty strings or null cause non-ssl connections to fail
if ($this->config->ssl_key) { if ($this->config->ssl_key) {
$adapterParamaters['driver_options'][PDO::MYSQL_ATTR_SSL_KEY] = $this->config->ssl_key; $adapterParamaters['driver_options'][PDO::MYSQL_ATTR_SSL_KEY] = $this->config->ssl_key;

26
modules/monitoring/library/Monitoring/BackendStep.php
View File

@ -113,29 +113,43 @@ class BackendStep extends Step
. '<td><strong>' . t('Password') . '</strong></td>' . '<td><strong>' . t('Password') . '</strong></td>'
. '<td>' . str_repeat('*', strlen($this->data['resourceConfig']['password'])) . '</td>' . '<td>' . str_repeat('*', strlen($this->data['resourceConfig']['password'])) . '</td>'
. '</tr>'; . '</tr>';
if ($this->data['resourceConfig']['db'] === 'mysql') {
if (isset($this->data['resourceConfig']['ssl_key']) && $this->data['resourceConfig']['ssl_key']) {
$resourceHtml .= '' $resourceHtml .= ''
.'<tr>' .'<tr>'
. '<td><strong>' . t('SSL Key') . '</strong></td>' . '<td><strong>' . t('SSL Key') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_key'] . '</td>' . '<td>' . $this->data['resourceConfig']['ssl_key'] . '</td>'
. '</tr>' . '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_cert']) && $this->data['resourceConfig']['ssl_cert']) {
$resourceHtml .= ''
. '<tr>' . '<tr>'
. '<td><strong>' . t('SSL Cert') . '</strong></td>' . '<td><strong>' . t('SSL Cert') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_cert'] . '</td>' . '<td>' . $this->data['resourceConfig']['ssl_cert'] . '</td>'
. '</tr>' . '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_ca']) && $this->data['resourceConfig']['ssl_ca']) {
$resourceHtml .= ''
. '<tr>' . '<tr>'
. '<td><strong>' . t('CA') . '</strong></td>' . '<td><strong>' . t('CA') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_ca'] . '</td>' . '<td>' . $this->data['resourceConfig']['ssl_ca'] . '</td>'
. '</tr>' . '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_capath']) && $this->data['resourceConfig']['ssl_capath']) {
$resourceHtml .= ''
. '<tr>' . '<tr>'
. '<td><strong>' . t('CA Path') . '</strong></td>' . '<td><strong>' . t('CA Path') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_capath'] . '</td>' . '<td>' . $this->data['resourceConfig']['ssl_capath'] . '</td>'
. '</tr>' . '</tr>';
}
if (isset($this->data['resourceConfig']['ssl_cipher']) && $this->data['resourceConfig']['ssl_cipher']) {
$resourceHtml .= ''
. '<tr>' . '<tr>'
. '<td><strong>' . t('Cipher') . '</strong></td>' . '<td><strong>' . t('Cipher') . '</strong></td>'
. '<td>' . $this->data['resourceConfig']['ssl_cipher'] . '</td>' . '<td>' . $this->data['resourceConfig']['ssl_cipher'] . '</td>'
. '</tr>'; . '</tr>';
}; }
$resourceHtml .= '' $resourceHtml .= ''
. '</tbody>' . '</tbody>'
. '</table>'; . '</table>';

17
modules/setup/library/Setup/Utils/DbTool.php
View File

@ -262,12 +262,7 @@ class DbTool
); );
if ($this->config['db'] === 'mysql') { if ($this->config['db'] === 'mysql') {
if ($this->config['ssl_key'] if (isset($this->config['encryption']) && $this->config['encryption'] === 'ssl') {
|| $this->config['ssl_cert']
|| $this->config['ssl_ca']
|| $this->config['ssl_capath']
|| $this->config['ssl_cipher']
) {
$this->config['driver_options'] = array(); $this->config['driver_options'] = array();
# The presence of these keys as empty strings or null cause non-ssl connections to fail # The presence of these keys as empty strings or null cause non-ssl connections to fail
if ($this->config['ssl_key']) { if ($this->config['ssl_key']) {
@ -315,12 +310,10 @@ class DbTool
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
); );
if ($this->config['db'] == 'mysql' if (
&& ($this->config['ssl_key'] $this->config['db'] === 'mysql'
|| $this->config['ssl_cert'] && isset($this->config['encryption'])
|| $this->config['ssl_ca'] && $this->config['encryption'] === 'ssl'
|| $this->config['ssl_capath']
|| $this->config['ssl_cipher'])
) { ) {
# The presence of these keys as empty strings or null cause non-ssl connections to fail # The presence of these keys as empty strings or null cause non-ssl connections to fail
if ($this->config['ssl_key']) { if ($this->config['ssl_key']) {