Commit 50c49e30 authored by Pavel Vyskočil's avatar Pavel Vyskočil Committed by Pavel Vyskočil

Added support for SSL

* Added option to set port
* Added support for using SSL for the connection to the DB
parent c9e39332
...@@ -8,15 +8,72 @@ ...@@ -8,15 +8,72 @@
$config = array( $config = array(
/*
* Fill the serverName
*/
'serverName' => 'localhost', 'serverName' => 'localhost',
/*
* If you want to use the default port, please comment option 'port'
*/
'port' => 3306,
/*
* Fill the user name
*/
'userName' => 'stats', 'userName' => 'stats',
/*
* Fill the password
*/
'password' => 'stats', 'password' => 'stats',
/*
* Fill the database name
*/
'databaseName' => 'STATS', 'databaseName' => 'STATS',
/*
* Fill the table name for identityProviders
*/
'identityProvidersTableName' => 'identityProviders', 'identityProvidersTableName' => 'identityProviders',
/*
* Fill the table name for serviceProviders
*/
'serviceProvidersTableName' => 'serviceProviders', 'serviceProvidersTableName' => 'serviceProviders',
);
\ No newline at end of file /*
* Fill true, if you want to use encryption, false if not.
*/
'encryption' => true/false,
/*
* The path name to the certificate authority file.
*
* If you use encryption, you must fill this option.
*/
'ssl_ca' => '/example/ca.pem',
/*
* The path name to the certificate file.
*
* If you use encryption, you must fill this option.
*/
'ssl_cert_path' => '/example/cert.pem',
/*
* The path name to the key file.
*
* If you use encryption, you must fill this option.
*/
'ssl_key_path' => '/example/key.pem',
/*
* The pathname to a directory that contains trusted SSL CA certificates in PEM format.
*
* If you use encryption, you must fill this option.
*/
'ssl_ca_path' => '/etc/ssl',
);
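Review bot: The new template line `'encryption' => true/false,` is a PHP expression, not a placeholder: it divides true by false, so an unedited file fails with a division-by-zero error (a warning on older PHP versions) before the option is ever read. Ship a concrete value such as `'encryption' => true,` and name the alternative in the comment above it. The four ssl_* comments say the options must be filled only when encryption is used, but the constructor in databaseConnector reads them with `getString()` and no default, so they appear to be required even with encryption off; the comments or the loader should be brought into agreement. The comment on `ssl_key_path` could also say that the key file should be readable only by the account that runs the web application.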
...@@ -6,19 +6,31 @@ ...@@ -6,19 +6,31 @@
class databaseConnector class databaseConnector
{ {
private $serverName; private $serverName;
private $port;
private $username; private $username;
private $password; private $password;
private $databaseName; private $databaseName;
private $identityProvidersTableName; private $identityProvidersTableName;
private $serviceProvidersTableName; private $serviceProvidersTableName;
private $encryption;
private $sslCA;
private $sslCert;
private $sslKey;
private $sslCAPath;
const CONFIG_FILE_NAME = 'module_statisticsproxy.php'; const CONFIG_FILE_NAME = 'module_statisticsproxy.php';
const SERVER = 'serverName'; const SERVER = 'serverName';
const PORT = 'port';
const USER = 'userName'; const USER = 'userName';
const PASSWORD = 'password'; const PASSWORD = 'password';
const DATABASE = 'databaseName'; const DATABASE = 'databaseName';
const IDP_TABLE_NAME = 'identityProvidersTableName'; const IDP_TABLE_NAME = 'identityProvidersTableName';
const SP_TABLE_NAME = 'serviceProvidersTableName' ; const SP_TABLE_NAME = 'serviceProvidersTableName' ;
const ENCRYPTION = 'encryption';
const SSL_CA = 'ssl_ca';
const SSL_CERT = 'ssl_cert_path';
const SSL_KEY = 'ssl_key_path';
const SSL_CA_PATH = 'ssl_ca_path';
...@@ -26,17 +38,38 @@ class databaseConnector ...@@ -26,17 +38,38 @@ class databaseConnector
{ {
$conf = SimpleSAML_Configuration::getConfig(self::CONFIG_FILE_NAME); $conf = SimpleSAML_Configuration::getConfig(self::CONFIG_FILE_NAME);
$this->serverName = $conf->getString(self::SERVER); $this->serverName = $conf->getString(self::SERVER);
$this->port = $conf->getInteger(self::PORT, null);
$this->username = $conf->getString(self::USER); $this->username = $conf->getString(self::USER);
$this->password = $conf->getString(self::PASSWORD); $this->password = $conf->getString(self::PASSWORD);
$this->databaseName = $conf->getString(self::DATABASE); $this->databaseName = $conf->getString(self::DATABASE);
$this->identityProvidersTableName = $conf->getString(self::IDP_TABLE_NAME); $this->identityProvidersTableName = $conf->getString(self::IDP_TABLE_NAME);
$this->serviceProvidersTableName = $conf->getString(self::SP_TABLE_NAME); $this->serviceProvidersTableName = $conf->getString(self::SP_TABLE_NAME);
$this->encryption = $conf->getBoolean(self::ENCRYPTION);
$this->sslCA = $conf->getString(self::SSL_CA);
$this->sslCert = $conf->getString(self::SSL_CERT);
$this->sslKey = $conf->getString(self::SSL_KEY);
$this->sslCAPath = $conf->getString(self::SSL_CA_PATH);
} }
public function getConnection() public function getConnection()
{ {
$conn = NULL; $conn = mysqli_init();
$conn = new mysqli($this->serverName, $this->username, $this->password, $this->databaseName); if ($this->encryption ===true){
SimpleSAML_Logger::debug("Getting connection with encryption.");
mysqli_ssl_set($conn, $this->sslKey,$this->sslCert, $this->sslCA, $this->sslCAPath, null);
if ($this->port === null){
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName);
} else{
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName, $this->port );
}
}
else{
if ($this->port === null){
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName);
} else{
mysqli_real_connect($conn, $this->serverName, $this->username, $this->password, $this->databaseName, $this->port );
}
}
return $conn; return $conn;
} }
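Review bot: The result of `mysqli_real_connect()` is never checked in getConnection(), so a failed TLS handshake, a wrong certificate path or bad credentials all return an unconnected handle and the failure only surfaces later in whatever query the caller runs. The encrypted and unencrypted branches also repeat the same two connect calls; a single call with a flags variable keeps the TLS path and the plain path from drifting apart. Server certificate verification is left to the mysqli driver's defaults here, so it is worth confirming (or setting explicitly via `MYSQLI_OPT_SSL_VERIFY_SERVER_CERT`) that a server presenting an untrusted certificate is rejected. Throwing on failure changes what callers see, so check them before adopting the sketch below.

```php
public function getConnection()
{
    $conn = mysqli_init();
    $flags = 0;
    if ($this->encryption === true) {
        SimpleSAML_Logger::debug("Getting connection with encryption.");
        mysqli_ssl_set($conn, $this->sslKey, $this->sslCert, $this->sslCA, $this->sslCAPath, null);
        $flags = MYSQLI_CLIENT_SSL;
    }
    // Fall back to the driver's configured default when no port is set.
    $port = $this->port === null ? (int) ini_get('mysqli.default_port') : $this->port;
    $connected = mysqli_real_connect(
        $conn, $this->serverName, $this->username, $this->password,
        $this->databaseName, $port, null, $flags
    );
    if (!$connected) {
        SimpleSAML_Logger::error("Database connection failed: " . mysqli_connect_error());
        throw new Exception("Could not connect to the statistics database.");
    }
    return $conn;
}
```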
......