From ebbd9025e465075f3bac4263622c7c32c276bc85 Mon Sep 17 00:00:00 2001 From: Lee Clemens Date: Tue, 14 Nov 2017 19:53:59 -0500 Subject: [PATCH] Add support for MySQL connections over SSL --- config.inc.php | 8 ++++++++ functions.inc.php | 29 +++++++++++++++++++---------- 2 files changed, 27 insertions(+), 10 deletions(-) diff --git a/config.inc.php b/config.inc.php index 7c4c04e9..f236385e 100644 --- a/config.inc.php +++ b/config.inc.php @@ -87,6 +87,14 @@ $CONF['database_user'] = 'postfix'; $CONF['database_password'] = 'postfixadmin'; $CONF['database_name'] = 'postfix'; +// Database SSL Config +$CONF['database_use_ssl'] = false; +$CONF['database_ssl_key'] = NULL; +$CONF['database_ssl_cert'] = NULL; +$CONF['database_ssl_ca'] = NULL; +$CONF['database_ssl_ca_path'] = NULL; +$CONF['database_ssl_cipher'] = NULL; + // If you need to specify a different port for a MYSQL database connection, use e.g. // $CONF['database_host'] = '172.30.33.66:3308'; // diff --git a/functions.inc.php b/functions.inc.php index 3eac8b0f..8fd5da27 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -1287,18 +1287,27 @@ function db_connect ($ignore_errors = false) { $error_text .= "

DEBUG INFORMATION:
MySQL 3.x / 4.0 functions not available! (php5-mysql installed?)
database_type = 'mysql' in config.inc.php, are you using a different database? $DEBUG_TEXT"; } } elseif ($CONF['database_type'] == "mysqli") { - if (function_exists ("mysqli_connect")) { - - $CONF['database_socket'] = isset($CONF['database_socket']) ? $CONF['database_socket'] : ini_get('mysqli.default_socket'); - $CONF['database_port'] = isset($CONF['database_port']) ? $CONF['database_socket'] : ini_get('mysqli.default_port'); - - $link = @mysqli_connect ($CONF['database_host'], $CONF['database_user'], $CONF['database_password'], $CONF['database_name'], $CONF['database_port'], $CONF['database_socket']) or $error_text .= ("

DEBUG INFORMATION:
Connect: " . mysqli_connect_error () . "$DEBUG_TEXT"); - if ($link) { - @mysqli_query($link,"SET CHARACTER SET utf8"); - @mysqli_query($link,"SET COLLATION_CONNECTION='utf8_general_ci'"); + $is_connected = false; + if ($CONF['database_use_ssl']) { + if (function_exists ("mysqli_real_connect")) { + $link = mysqli_init(); + $link->ssl_set($CONF['database_ssl_key'], $CONF['database_ssl_cert'], $CONF['database_ssl_ca'], $CONF['database_ssl_ca_path'], $CONF['database_ssl_cipher']); + $connected = mysqli_real_connect($link, $CONF['database_host'], $CONF['database_user'], $CONF['database_password'], $CONF['database_name'], $CONF['database_port']); + $is_connected = $connected; + } else { + $error_text .= "

DEBUG INFORMATION:
MySQLi 5 functions not available! (php5-mysqli installed?)
database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT"; } } else { - $error_text .= "

DEBUG INFORMATION:
MySQLi functions not available! (php5-mysqli installed?)
database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT"; + if (function_exists ("mysqli_connect")) { + $link = @mysqli_connect($CONF['database_host'], $CONF['database_user'], $CONF['database_password'], $CONF['database_name'], $CONF['database_port'], $CONF['database_socket']) or $error_text .= ("

DEBUG INFORMATION:
Connect: " . mysqli_connect_error() . "$DEBUG_TEXT"); + $is_connected = $link; + } else { + $error_text .= "

DEBUG INFORMATION:
MySQL 4.1 functions not available! (php5-mysqli installed?)
database_type = 'mysqli' in config.inc.php, are you using a different database? $DEBUG_TEXT"; + } + } + if ($is_connected) { + @mysqli_query($link,"SET CHARACTER SET utf8"); + @mysqli_query($link,"SET COLLATION_CONNECTION='utf8_general_ci'"); } } elseif (db_sqlite()) { if (class_exists ("SQLite3")) {