Mirror/TrinityCore
1
0
Fork 0
mirror of https://github.com/TrinityCore/TrinityCore.git synced 2026-01-16 07:30:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added the ability to use TLS when connecting to a database. (#24348)

Browse Source 
* Added the ability to use TLS when connecting to a database.

* Trying to kickstart CI checks

* Revert the kickstart change

Co-authored-by: myuzhobcplidtkieno <myuzhobcplidtkieno@github.com>
Co-authored-by: Giacomo Pozzoni <giacomopoz@gmail.com>
(cherry picked from commit ae553f8966)
This commit is contained in:
myuzhobcplidtkieno
2020-04-08 08:08:28 +12:00
committed by Shauren
parent d0e1794d99
commit de5f7edede
6 changed files with 31 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/server/bnetserver/bnetserver.conf.dist
View File

@@ -215,13 +215,16 @@ IPLocationFile = ""
#
# LoginDatabaseInfo
# Description: Database connection settings for the realm server.
# Example: "hostname;port;username;password;database"
# Example: "hostname;port;username;password;database;ssl"
# ".;some_number;username;password;database" - (Use named pipes on Windows
# "enable-named-pipe" to [mysqld]
# section my.ini)
# ".;/path/to/unix_socket;username;password;database" - (use Unix sockets on
# Unix/Linux)
# Default: "127.0.0.1;3306;trinity;trinity;auth"
#
# The SSL option will enable TLS when connecting to the specified database. If not provided or
# any value other than 'ssl' is set, TLS will not be used.
LoginDatabaseInfo = "127.0.0.1;3306;trinity;trinity;auth"

15
src/server/database/Database/MySQLConnection.cpp
View File

@@ -34,7 +34,7 @@ MySQLConnectionInfo::MySQLConnectionInfo(std::string const& infoString)
{
Tokenizer tokens(infoString, ';');
if (tokens.size() != 5)
if (tokens.size() != 5 && tokens.size() != 6)
return;
uint8 i = 0;
@@ -44,6 +44,9 @@ MySQLConnectionInfo::MySQLConnectionInfo(std::string const& infoString)
user.assign(tokens[i++]);
password.assign(tokens[i++]);
database.assign(tokens[i++]);
if (tokens.size() == 6)
ssl.assign(tokens[i++]);
}
MySQLConnection::MySQLConnection(MySQLConnectionInfo& connInfo) :
@@ -129,6 +132,16 @@ uint32 MySQLConnection::Open()
}
#endif
if (m_connectionInfo.ssl != "")
{
my_bool opt_use_ssl = false;
if (m_connectionInfo.ssl == "ssl")
{
opt_use_ssl = true;
}
mysql_options(mysqlInit, MYSQL_OPT_SSL_ENFORCE, (char const*)&opt_use_ssl);
}
m_Mysql = reinterpret_cast<MySQLHandle*>(mysql_real_connect(mysqlInit, m_connectionInfo.host.c_str(), m_connectionInfo.user.c_str(),
m_connectionInfo.password.c_str(), m_connectionInfo.database.c_str(), port, unix_socket, 0));

1
src/server/database/Database/MySQLConnection.h
View File

@@ -49,6 +49,7 @@ struct TC_DATABASE_API MySQLConnectionInfo
std::string database;
std::string host;
std::string port_or_socket;
std::string ssl;
};
class TC_DATABASE_API MySQLConnection

10
src/server/database/Updater/DBUpdater.cpp
View File

@@ -220,7 +220,7 @@ bool DBUpdater<T>::Create(DatabaseWorkerPool<T>& pool)
try
{
DBUpdater<T>::ApplyFile(pool, pool.GetConnectionInfo()->host, pool.GetConnectionInfo()->user, pool.GetConnectionInfo()->password,
pool.GetConnectionInfo()->port_or_socket, "", temp);
pool.GetConnectionInfo()->port_or_socket, "", pool.GetConnectionInfo()->ssl, temp);
}
catch (UpdateException&)
{
@@ -355,12 +355,13 @@ template<class T>
void DBUpdater<T>::ApplyFile(DatabaseWorkerPool<T>& pool, Path const& path)
{
DBUpdater<T>::ApplyFile(pool, pool.GetConnectionInfo()->host, pool.GetConnectionInfo()->user, pool.GetConnectionInfo()->password,
pool.GetConnectionInfo()->port_or_socket, pool.GetConnectionInfo()->database, path);
pool.GetConnectionInfo()->port_or_socket, pool.GetConnectionInfo()->database, pool.GetConnectionInfo()->ssl, path);
}
template<class T>
void DBUpdater<T>::ApplyFile(DatabaseWorkerPool<T>& pool, std::string const& host, std::string const& user,
std::string const& password, std::string const& port_or_socket, std::string const& database, Path const& path)
std::string const& password, std::string const& port_or_socket, std::string const& database, std::string const& ssl,
Path const& path)
{
std::vector<std::string> args;
args.reserve(8);
@@ -404,6 +405,9 @@ void DBUpdater<T>::ApplyFile(DatabaseWorkerPool<T>& pool, std::string const& hos
// Set max allowed packet to 1 GB
args.push_back("--max-allowed-packet=1GB");
if (ssl == "ssl")
args.push_back("--ssl");
// Database
if (!database.empty())
args.push_back(database);

3
src/server/database/Updater/DBUpdater.h
View File

@@ -89,7 +89,8 @@ private:
static void Apply(DatabaseWorkerPool<T>& pool, std::string const& query);
static void ApplyFile(DatabaseWorkerPool<T>& pool, Path const& path);
static void ApplyFile(DatabaseWorkerPool<T>& pool, std::string const& host, std::string const& user,
std::string const& password, std::string const& port_or_socket, std::string const& database, Path const& path);
std::string const& password, std::string const& port_or_socket, std::string const& database, std::string const& ssl,
Path const& path);
};
#endif // DBUpdater_h__

4
src/server/worldserver/worldserver.conf.dist
View File

@@ -93,7 +93,7 @@ LogsDir = ""
# CharacterDatabaseInfo
# HotfixDatabaseInfo
# Description: Database connection settings for the world server.
# Example: "hostname;port;username;password;database"
# Example: "hostname;port;username;password;database;ssl"
# ".;some_number;username;password;database" - (Use named pipes on Windows
# "enable-named-pipe" to [mysqld]
# section my.ini)
@@ -109,6 +109,8 @@ LogsDir = ""
# search for TCE00016 on forum.
# Don't open port on firewall to external connections (it belongs to MySQL, not to wow server).
# The username you choose must have permissions to create/alter/rename tables.
# The SSL option will enable TLS when connecting to the specified database. If not provided or
# any value other than 'ssl' is set, TLS will not be used.
LoginDatabaseInfo = "127.0.0.1;3306;trinity;trinity;auth"
WorldDatabaseInfo = "127.0.0.1;3306;trinity;trinity;world"