tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ent-9154-ssl-mysql-parametros-consola-conexion-consola' into 'develop' 

Ent 9154 ssl mysql parametros consola conexion consola

See merge request artica/pandorafms!5107
This commit is contained in:
Daniel Rodriguez 2022-09-16 08:55:49 +00:00
parent e7d13c5e36 b3054b6ab2
commit ca80be5867
3 changed files with 66 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pandora_console/include/config.inc.php
View File

@ -1,4 +1,5 @@
<?php
/**
* Configuraton sample file.
*
@ -38,6 +39,11 @@
* $config["homedir"]="/var/www/pandora_console/";
* $config["homeurl"]="/pandora_console/";
* $config["auth"]["scheme"] = "mysql";
*
* This is used to configure MySQL SSL console connection
* $config["dbssl"]=0;
* $config["dbsslcafile"]="/path/ca-cert.pem";
* $config["sslverifyservercert"]=1;
*/
// By default report any error but notices.

77
pandora_console/include/db/mysql.php
View File

@ -31,7 +31,9 @@ function mysql_connect_db(
$user=null,
$pass=null,
$port=null,
$charset=null
$charset=null,
$ssl=null,
$verify=null
) {
global $config;
@ -55,6 +57,14 @@ function mysql_connect_db(
$port = $config['dbport'];
}
if ($ssl === null && (bool) $config['dbssl'] === true) {
$ssl = $config['dbsslcafile'];
}
if ($verify === null && (bool) $config['sslverifyservercert'] === true) {
$verify = 'verified';
}
// Check if mysqli is available
if (!isset($config['mysqli'])) {
$config['mysqli'] = extension_loaded(mysqli);
@ -63,22 +73,39 @@ function mysql_connect_db(
// Non-persistent connection: This will help to avoid mysql errors like "has gone away" or locking problems
// If you want persistent connections change it to mysql_pconnect().
if ($config['mysqli']) {
$connect_id = mysqli_connect($host, $user, $pass, $db, $port);
if (mysqli_connect_errno() > 0) {
include 'general/mysqlerr.php';
return false;
if (empty($ssl)) {
$connect_id = mysqli_connect($host, $user, $pass, $db, $port);
if (mysqli_connect_errno() > 0) {
include 'general/mysqlerr.php';
return false;
}
db_change_cache_id($db, $host);
if (isset($charset)) {
mysqli_set_charset($connect_id, $charset);
}
mysqli_select_db($connect_id, $db);
} else {
$connect_id = mysqli_init();
mysqli_ssl_set($connect_id, null, null, $ssl, null, null);
if ($verify === 'verified') {
mysqli_real_connect($connect_id, $host, $user, $pass, $db, $port, null, MYSQLI_CLIENT_SSL);
} else {
mysqli_real_connect($connect_id, $host, $user, $pass, $db, $port, null, MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT);
}
if (mysqli_connect_errno() > 0) {
include 'general/mysqlerr.php';
return false;
}
}
db_change_cache_id($db, $host);
if (isset($charset)) {
mysqli_set_charset($connect_id, $charset);
}
mysqli_select_db($connect_id, $db);
} else {
$connect_id = @mysql_connect($host.':'.$port, $user, $pass, true);
if (! $connect_id) {
if (!$connect_id) {
return false;
}
@ -117,7 +144,7 @@ function mysql_db_get_all_rows_sql($sql, $search_history_db=false, $cache=true,
$history = false;
// Connect to the history DB
if (! isset($config['history_db_connection']) || $config['history_db_connection'] === false) {
if (!isset($config['history_db_connection']) || $config['history_db_connection'] === false) {
$config['history_db_connection'] = db_connect($config['history_db_host'], $config['history_db_name'], $config['history_db_user'], io_output_password($config['history_db_pass']), $config['history_db_port'], false);
}
@ -142,13 +169,13 @@ function mysql_db_get_all_rows_sql($sql, $search_history_db=false, $cache=true,
}
// Append result to the history DB data
if (! empty($return)) {
if (!empty($return)) {
foreach ($return as $row) {
array_push($history, $row);
}
}
if (! empty($history)) {
if (!empty($history)) {
return $history;
}
@ -240,7 +267,7 @@ function mysql_db_get_row($table, $field_search, $condition, $fields=false, $cac
} else {
if (is_array($fields)) {
$fields = implode(',', $fields);
} else if (! is_string($fields)) {
} else if (!is_string($fields)) {
return false;
}
}
@ -403,7 +430,7 @@ function mysql_db_process_sql($sql, $rettype='affected_rows', $dbconnection='',
$cache = $config['dbcache'];
}
if ($cache && ! empty($sql_cache[$sql_cache['id']][$sql])) {
if ($cache && !empty($sql_cache[$sql_cache['id']][$sql])) {
$retval = $sql_cache[$sql_cache['id']][$sql];
$sql_cache['saved'][$sql_cache['id']]++;
db_add_database_debug_trace($sql);
@ -518,7 +545,7 @@ function mysql_db_process_sql($sql, $rettype='affected_rows', $dbconnection='',
}
}
if (! empty($retval)) {
if (!empty($retval)) {
return $retval;
}
@ -594,7 +621,7 @@ function mysql_encapsule_fields_with_same_name_to_instructions($field)
*/
function mysql_db_get_value_filter($field, $table, $filter, $where_join='AND', $search_history_db=false)
{
if (! is_array($filter) || empty($filter)) {
if (!is_array($filter) || empty($filter)) {
return false;
}
@ -693,7 +720,7 @@ function mysql_db_format_array_where_clause_sql($values, $join='AND', $prefix=fa
{
$fields = [];
if (! is_array($values)) {
if (!is_array($values)) {
return '';
}
@ -863,7 +890,7 @@ function mysql_db_format_array_where_clause_sql($values, $join='AND', $prefix=fa
$i++;
}
return (! empty($query) ? $prefix : '').$query.$group.$order.$limit.$offset;
return (!empty($query) ? $prefix : '').$query.$group.$order.$limit.$offset;
}
@ -945,7 +972,7 @@ function mysql_db_get_row_filter($table, $filter, $fields=false, $where_join='AN
} else {
if (is_array($fields)) {
$fields = implode(',', $fields);
} else if (! is_string($fields)) {
} else if (!is_string($fields)) {
return false;
}
}
@ -995,7 +1022,7 @@ function mysql_db_get_all_rows_filter($table, $filter=[], $fields=false, $where_
$fields = '*';
} else if (is_array($fields)) {
$fields = implode(',', $fields);
} else if (! is_string($fields)) {
} else if (!is_string($fields)) {
return false;
}

16
pandora_console/include/functions_config.php
View File

@ -1,4 +1,5 @@
<?php
/**
* Main configuration of Pandora FMS
*
@ -30,6 +31,7 @@
require_once __DIR__.'/../vendor/autoload.php';
require_once __DIR__.'/functions.php';
enterprise_include_once('include/functions_config.php');
use PandoraFMS\Core\DBMaintainer;
use PandoraFMS\Core\Config;
@ -146,7 +148,7 @@ function config_update_config()
return false;
}
if (! check_acl($config['id_user'], 0, 'PM') && ! is_user_admin($config['id_user'])) {
if (!check_acl($config['id_user'], 0, 'PM') && !is_user_admin($config['id_user'])) {
$config['error_config_update_config'] = [];
$config['error_config_update_config']['correct'] = false;
$config['error_config_update_config']['message'] = __('Failed updated: User is not admin.');
@ -2241,9 +2243,9 @@ function config_process_config()
config_update_value('2Fa_auth', '');
}
/*
* Parse the ACL IP list for access API
*/
/*
* Parse the ACL IP list for access API
*/
$temp_list_ACL_IPs_for_API = [];
if (isset($config['list_ACL_IPs_for_API'])) {
@ -2799,7 +2801,7 @@ function config_process_config()
$temp_ad_adv_perms = $config['ad_adv_perms'];
}
config_update_value('ad_adv_perms', $temp_ad_adv_perms);
config_update_value('ad_adv_perms', $temp_ad_adv_perms);
}
if (!isset($config['ldap_adv_perms'])) {
@ -3399,7 +3401,6 @@ function config_check()
$supervisor = new ConsoleSupervisor(false);
$supervisor->runBasic();
}
}
@ -3424,7 +3425,6 @@ function get_um_url()
}
return $url;
}
@ -3440,7 +3440,7 @@ function config_return_in_bytes($val)
$last = strtolower($val[(strlen($val) - 1)]);
$val = (int) trim($val);
switch ($last) {
// The 'G' modifier is available since PHP 5.1.0.
// The 'G' modifier is available since PHP 5.1.0.
case 'g':
$val *= 1024;
case 'm':