Skip to content
This repository was archived by the owner on Sep 19, 2022. It is now read-only.

Commit 50c49e3

Browse files
vyskocilpavelvyskocilpavel
committed
Added support for SSL
* Added option to set port * Added support for use SSL to connection to DB
1 parent c9e3933 commit 50c49e3

File tree

2 files changed

+93
-3
lines changed

2 files changed

+93
-3
lines changed

config-templates/module_statisticsproxy.php

Lines changed: 58 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,15 +8,72 @@
88

99
$config = array(
1010

11+
/*
12+
* Fill the serverName
13+
*/
1114
'serverName' => 'localhost',
1215

16+
/*
17+
* If you want to use the default port, please comment option 'port'
18+
*/
19+
'port' => 3306,
20+
21+
/*
22+
* Fill the user name
23+
*/
1324
'userName' => 'stats',
1425

26+
/*
27+
* Fill the password
28+
*/
1529
'password' => 'stats',
1630

31+
/*
32+
* Fill the database name
33+
*/
1734
'databaseName' => 'STATS',
1835

36+
/*
37+
* Fill the table name for identityProviders
38+
*/
1939
'identityProvidersTableName' => 'identityProviders',
2040

41+
/*
42+
* Fill the table name for serviceProviders
43+
*/
2144
'serviceProvidersTableName' => 'serviceProviders',
22-
);
45+
46+
/*
47+
* Fill true, if you want to use encryption, false if not.
48+
*/
49+
'encryption' => true/false,
50+
51+
/*
52+
* The path name to the certificate authority file.
53+
*
54+
* If you use encryption, you must fill this option.
55+
*/
56+
'ssl_ca' => '/example/ca.pem',
57+
58+
/*
59+
* The path name to the certificate file.
60+
*
61+
* If you use encryption, you must fill this option.
62+
*/
63+
'ssl_cert_path' => '/example/cert.pem',
64+
65+
/*
66+
* The path name to the key file.
67+
*
68+
* If you use encryption, you must fill this option.
69+
*/
70+
'ssl_key_path' => '/example/key.pem',
71+
72+
/*
73+
* The pathname to a directory that contains trusted SSL CA certificates in PEM format.
74+
*
75+
* If you use encryption, you must fill this option.
76+
*/
77+
'ssl_ca_path' => '/etc/ssl',
78+
79+
);

lib/Auth/Process/DatabaseConnector.php

Lines changed: 35 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,37 +6,70 @@
66
class databaseConnector
77
{
88
private $serverName;
9+
private $port;
910
private $username;
1011
private $password;
1112
private $databaseName;
1213
private $identityProvidersTableName;
1314
private $serviceProvidersTableName;
15+
private $encryption;
16+
private $sslCA;
17+
private $sslCert;
18+
private $sslKey;
19+
private $sslCAPath;
1420

1521
const CONFIG_FILE_NAME = 'module_statisticsproxy.php';
1622
const SERVER = 'serverName';
23+
const PORT = 'port';
1724
const USER = 'userName';
1825
const PASSWORD = 'password';
1926
const DATABASE = 'databaseName';
2027
const IDP_TABLE_NAME = 'identityProvidersTableName';
2128
const SP_TABLE_NAME = 'serviceProvidersTableName' ;
29+
const ENCRYPTION = 'encryption';
30+
const SSL_CA = 'ssl_ca';
31+
const SSL_CERT = 'ssl_cert_path';
32+
const SSL_KEY = 'ssl_key_path';
33+
const SSL_CA_PATH = 'ssl_ca_path';
2234

2335

2436

2537
public function __construct ()
2638
{
2739
$conf = SimpleSAML_Configuration::getConfig(self::CONFIG_FILE_NAME);
2840
$this->serverName = $conf->getString(self::SERVER);
41+
$this->port = $conf->getInteger(self::PORT, null);
2942
$this->username = $conf->getString(self::USER);
3043
$this->password = $conf->getString(self::PASSWORD);
3144
$this->databaseName = $conf->getString(self::DATABASE);
3245
$this->identityProvidersTableName = $conf->getString(self::IDP_TABLE_NAME);
3346
$this->serviceProvidersTableName = $conf->getString(self::SP_TABLE_NAME);
47+
$this->encryption = $conf->getBoolean(self::ENCRYPTION);
48+
$this->sslCA = $conf->getString(self::SSL_CA);
49+
$this->sslCert = $conf->getString(self::SSL_CERT);
50+
$this->sslKey = $conf->getString(self::SSL_KEY);
51+
$this->sslCAPath = $conf->getString(self::SSL_CA_PATH);
3452
}
3553

3654
public function getConnection()
3755
{
38-
$conn = NULL;
39-
$conn = new mysqli($this->serverName, $this->username, $this->password, $this->databaseName);
56+
$conn = mysqli_init();
57+
if ($this->encryption ===true){
58+
SimpleSAML_Logger::debug("Getting connection with encryption.");
59+
mysqli_ssl_set($conn, $this->sslKey,$this->sslCert, $this->sslCA, $this->sslCAPath, null);
60+
if ($this->port === null){
61+
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName);
62+
} else{
63+
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName, $this->port );
64+
}
65+
}
66+
else{
67+
if ($this->port === null){
68+
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName);
69+
} else{
70+
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName, $this->port );
71+
}
72+
}
4073
return $conn;
4174
}
4275

0 commit comments

Comments
 (0)