diff options
| author | Andrey Andreev <narf@devilix.net> | 2015-07-16 15:17:27 +0200 |
|---|---|---|
| committer | Andrey Andreev <narf@devilix.net> | 2015-07-16 15:17:27 +0200 |
| commit | cfc9e77c89ee5377b25e411ef3d8ab43c8900b7e (patch) | |
| tree | 84eefe253951d0df09bb7d9a52289f74137b6544 | |
| parent | cbb70f0244b55935b61c605f3d2171489492c7db (diff) | |
Add 'ssl_verify' option for mysqli driver
MYSQLI_OPT_SSL_VERIFY_SERVER_CERT is an undocumented option that may not always be available.
Reference: http://svn.php.net/viewvc/php/php-src/trunk/ext/mysqli/tests/mysqli_constants.phpt?view=markup&pathrev=302897
| -rw-r--r-- | application/config/database.php | 1 | ||||
| -rw-r--r-- | system/database/drivers/mysqli/mysqli_driver.php | 5 | ||||
| -rw-r--r-- | user_guide_src/source/database/configuration.rst | 1 |
3 files changed, 7 insertions, 0 deletions
diff --git a/application/config/database.php b/application/config/database.php index ea345ee79..bf9857fff 100644 --- a/application/config/database.php +++ b/application/config/database.php @@ -49,6 +49,7 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | 'ssl_ca' - Path to the certificate authority file | 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format | 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') +| 'ssl_verify' - TRUE/FALSE; Whether verify the server certificate or not ('mysqli' only) | | ['compress'] Whether or not to use client compression (MySQL only) | ['stricton'] TRUE/FALSE - forces 'Strict Mode' connections diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 8d398c866..dd3cc77c6 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -142,6 +142,11 @@ class CI_DB_mysqli_driver extends CI_DB { if ( ! empty($ssl)) { + if ( ! empty($this->encrypt['ssl_verify']) && defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT')) + { + $mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + } + $client_flags |= MYSQLI_CLIENT_SSL; $mysqli->ssl_set( isset($ssl['key']) ? $ssl['key'] : NULL, diff --git a/user_guide_src/source/database/configuration.rst b/user_guide_src/source/database/configuration.rst index 6a6c84979..8026be63a 100644 --- a/user_guide_src/source/database/configuration.rst +++ b/user_guide_src/source/database/configuration.rst @@ -188,6 +188,7 @@ Explanation of Values: - 'ssl_ca' - Path to the certificate authority file - 'ssl_capath' - Path to a directory containing trusted CA certificats in PEM format - 'ssl_cipher' - List of *allowed* ciphers to be used for the encryption, separated by colons (':') + - 'ssl_verify' - TRUE/FALSE; Whether to verify the server certificate or not ('mysqli' only) **compress** Whether or not to use client compression (MySQL only). **stricton** TRUE/FALSE (boolean) - Whether to force "Strict Mode" connections, good for ensuring strict SQL |