diff --git a/core/cmdbsource.class.inc.php b/core/cmdbsource.class.inc.php index 51a12994e..b57b2b1e0 100644 --- a/core/cmdbsource.class.inc.php +++ b/core/cmdbsource.class.inc.php @@ -99,59 +99,48 @@ class CMDBSource * @param string $sServer * @param string $sUser * @param string $sPwd - * @param string $sSource + * @param string $sSource database to use + * @param string $sSSLKey + * @param string $sSSLCert + * @param string $sSSLCA + * @param string $sSSLCipher * * @throws \MySQLException */ public static function Init($sServer, $sUser, $sPwd, $sSource = '', $sSSLKey = NULL, $sSSLCert = NULL, $sSSLCA = NULL, $sSSLCipher = NULL ) { + self::$m_oMysqli = null; + self::$m_sDBHost = $sServer; self::$m_sDBUser = $sUser; self::$m_sDBPwd = $sPwd; self::$m_sDBName = $sSource; - self::$m_sDBSSLKey = $sSSLKey; - self::$m_sDBSSLCert = $sSSLCert; - self::$m_sDBSSLCA = $sSSLCA; - self::$m_sDBSSLCipher = $sSSLCipher; - self::$m_oMysqli = null; + self::$m_sDBSSLKey = empty($sSSLKey) ? null : $sSSLKey; + self::$m_sDBSSLCert = empty($sSSLCert) ? null : $sSSLCert; + self::$m_sDBSSLCA = empty($sSSLCA) ? null : $sSSLCA; + self::$m_sDBSSLCipher = empty($sSSLCipher) ? null : $sSSLCipher; + + $sServer = null; + $iPort = null; + self::InitServerAndPort($sServer, $iPort); + $iFlags = null; mysqli_report(MYSQLI_REPORT_STRICT); // *some* errors (like connection errors) will throw mysqli_sql_exception instead // of generating warnings printed to the output but some other errors will still // cause the query() method to return false !!! try { - $aConnectInfo = explode(':', self::$m_sDBHost); - if (count($aConnectInfo) > 1) + self::$m_oMysqli = new mysqli(); + self::$m_oMysqli->init(); + + if (!empty(self::$m_sDBSSLKey) && !empty(self::$m_sDBSSLCert) && !empty(self::$m_sDBSSLCA)) { - // Override the default port - $sServer = $aConnectInfo[0]; - $iPort = (int)$aConnectInfo[1]; - self::$m_oMysqli = new mysqli(); - self::$m_oMysqli->init(); - if ( empty(self::$m_sDBSSLKey) || empty(self::$m_sDBSSLCert) || empty(self::$m_sDBSSLCA) ) - { - self::$m_oMysqli->real_connect($sServer,self::$m_sDBUser,self::$m_sDBPwd,'',$iPort); - } - else - { - self::$m_oMysqli->ssl_set(self::$m_sDBSSLKey,self::$m_sDBSSLCert,self::$m_sDBSSLCA,NULL,self::$m_sDBSSLCipher); - self::$m_oMysqli->real_connect($sServer,self::$m_sDBUser,self::$m_sDBPwd,'',$iPort, ini_get("mysqli.default_socket"),MYSQLI_CLIENT_SSL ); - } - } - else - { - self::$m_oMysqli = new mysqli(); - self::$m_oMysqli->init(); - if ( empty(self::$m_sDBSSLKey) || empty(self::$m_sDBSSLCert) || empty(self::$m_sDBSSLCA) ) - { - self::$m_oMysqli->real_connect($sServer,self::$m_sDBUser,self::$m_sDBPwd); - } - else - { - self::$m_oMysqli->ssl_set(self::$m_sDBSSLKey,self::$m_sDBSSLCert,self::$m_sDBSSLCA,NULL,self::$m_sDBSSLCipher); - self::$m_oMysqli->real_connect('p:'.self::$m_sDBHost,self::$m_sDBUser,self::$m_sDBPwd,'',NULL, ini_get("mysqli.default_socket"),MYSQLI_CLIENT_SSL ); - } + $iFlags = MYSQLI_CLIENT_SSL; + self::$m_oMysqli->ssl_set(self::$m_sDBSSLKey, self::$m_sDBSSLCert, self::$m_sDBSSLCA, null, + self::$m_sDBSSLCipher); } + self::$m_oMysqli->real_connect($sServer, self::$m_sDBUser, self::$m_sDBPwd, '', $iPort, + ini_get("mysqli.default_socket"), $iFlags); } catch(mysqli_sql_exception $e) { @@ -172,6 +161,35 @@ class CMDBSource } } + /** + * Initialize variables from the static attribute (containing "domain:port" syntax) + * + * @param string $sServer + * @param int $iPort + */ + private static function InitServerAndPort(&$sServer, &$iPort) + { + $aConnectInfo = explode(':', self::$m_sDBHost); + if (count($aConnectInfo) > 1) + { + // Override the default port + $sServer = $aConnectInfo[0]; + $iPort = (int)$aConnectInfo[1]; + } + else + { + $sServer = self::$m_sDBHost; + $iPort = null; + } + + if (!empty(self::$m_sDBSSLKey) && !empty(self::$m_sDBSSLCert) && !empty(self::$m_sDBSSLCA)) + { + // use persistent connexions to limit TLS overhead + // see http://php.net/manual/en/mysqli.persistconns.php + $sServer = 'p:'.self::$m_sDBHost; + } + } + public static function SetCharacterSet($sCharset = 'utf8', $sCollation = 'utf8_general_ci') { if (strlen($sCharset) > 0) diff --git a/core/config.class.inc.php b/core/config.class.inc.php index 514f5a4a2..a37837209 100644 --- a/core/config.class.inc.php +++ b/core/config.class.inc.php @@ -1176,6 +1176,14 @@ class Config $sConfigCode = trim(file_get_contents($sConfigFile)); + // Variables created when doing an eval() on the config file + /** @var array $MySettings */ + $MySettings = null; + /** @var array $MyModuleSettings */ + $MyModuleSettings = null; + /** @var array $MyModules */ + $MyModules = null; + // This does not work on several lines // preg_match('/^<\\?php(.*)\\?'.'>$/', $sConfigCode, $aMatches)... // So, I've implemented a solution suggested in the PHP doc (search for phpWrapper) @@ -1236,10 +1244,10 @@ class Config $this->m_sDBPwd = trim($MySettings['db_pwd']); $this->m_sDBName = trim($MySettings['db_name']); $this->m_sDBSubname = trim($MySettings['db_subname']); - $this->m_sDBSSLKey = trim($MySettings['db_ssl_key']); - $this->m_sDBSSLCert = trim($MySettings['db_ssl_cert']); - $this->m_sDBSSLCA = trim($MySettings['db_ssl_ca']); - $this->m_sDBSSLCipher = trim($MySettings['db_ssl_cipher']); + $this->m_sDBSSLKey = isset($MySettings['db_ssl.key']) ? (trim($MySettings['db_ssl.key'])) : ''; + $this->m_sDBSSLCert = isset($MySettings['db_ssl.cert']) ? (trim($MySettings['db_ssl.cert'])) : ''; + $this->m_sDBSSLCA = isset($MySettings['db_ssl.ca']) ? (trim($MySettings['db_ssl.ca'])) : ''; + $this->m_sDBSSLCipher = isset($MySettings['db_ssl.cipher']) ? trim($MySettings['db_ssl.cipher']) : ''; $this->m_sDBCharacterSet = isset($MySettings['db_character_set']) ? trim($MySettings['db_character_set']) : DEFAULT_CHARACTER_SET; $this->m_sDBCollation = isset($MySettings['db_collation']) ? trim($MySettings['db_collation']) : DEFAULT_COLLATION; @@ -1824,14 +1832,17 @@ class Config if ($sDBName == '') { // Todo - obsolete after the transition to the new setup (2.0) is complete (WARNING: used by the designer) - $sDBName = $aParamValues['new_db_name']; + if (isset($aParamValues['new_db_name'])) + { + $sDBName = $aParamValues['new_db_name']; + } } $this->SetDBName($sDBName); $this->SetDBSubname($aParamValues['db_prefix']); - $this->SetDBSSLKey($aParamValues['db_ssl_key']); - $this->SetDBSSLCert($aParamValues['db_ssl_cert']); - $this->SetDBSSLCA($aParamValues['db_ssl_ca']); - $this->SetDBSSLCipher($aParamValues['db_ssl_cipher']); + if (isset($aParamValues['db_ssl_key'])) { $this->SetDBSSLKey($aParamValues['db_ssl_key']);} + if (isset($aParamValues['db_ssl_key'])) { $this->SetDBSSLCert($aParamValues['db_ssl_cert']);} + if (isset($aParamValues['db_ssl_ca'])) { $this->SetDBSSLCA($aParamValues['db_ssl_ca']);} + if (isset($aParamValues['db_ssl_cipher'])) { $this->SetDBSSLCipher($aParamValues['db_ssl_cipher']);} } if (isset($aParamValues['selected_modules'])) @@ -1936,6 +1947,8 @@ class Config $sNiceExport = str_replace(array("\r\n", "\n", "\r"), "\n".$sIndentation, trim($sExport)); if (!$bForceIndentation) { + /** @var array $aImported */ + $aImported = null; eval('$aImported='.$sNiceExport.';'); // Check if adding the identations at the beginning of each line // did not modify the values (in case of a string containing a line break) diff --git a/setup/setuputils.class.inc.php b/setup/setuputils.class.inc.php index ba05dffab..ba19be9e8 100644 --- a/setup/setuputils.class.inc.php +++ b/setup/setuputils.class.inc.php @@ -1126,10 +1126,10 @@ EOF $sDBUser = $aParameters['db_user']; $sDBPwd = $aParameters['db_pwd']; $sDBName = $aParameters['db_name']; - $sSSLKey = $aParameters['db_ssl_key']; - $sSSLCert = $aParameters['db_ssl_cert']; - $sSSLCA = $aParameters['db_ssl_ca']; - $sSSLCipher = $aParameters['db_ssl_cipher']; + $sSSLKey = (isset($aParameters['db_ssl_key'])) ? $aParameters['db_ssl_key'] : null; + $sSSLCert = isset($aParameters['db_ssl_cert']) ? $aParameters['db_ssl_cert'] : null; + $sSSLCA = (isset($aParameters['db_ssl_ca'])) ? $aParameters['db_ssl_ca'] : null; + $sSSLCipher = (isset($aParameters['db_ssl_cipher'])) ? $aParameters['db_ssl_cipher'] : null; $oPage->add_ready_script('oXHRCheckDB = null;');