From 4ea5cf13ec3f99e6eaedd9c2f1452e6ae173023b Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Wed, 22 Aug 2018 14:23:17 +0300 Subject: [ci skip] Fix #5561 --- system/database/drivers/mysqli/mysqli_driver.php | 34 +++++++++++++----------- user_guide_src/source/changelog.rst | 1 + 2 files changed, 19 insertions(+), 16 deletions(-) diff --git a/system/database/drivers/mysqli/mysqli_driver.php b/system/database/drivers/mysqli/mysqli_driver.php index 7cec29e9e..6a11b602b 100644 --- a/system/database/drivers/mysqli/mysqli_driver.php +++ b/system/database/drivers/mysqli/mysqli_driver.php @@ -167,26 +167,28 @@ class CI_DB_mysqli_driver extends CI_DB { empty($this->encrypt['ssl_capath']) OR $ssl['capath'] = $this->encrypt['ssl_capath']; empty($this->encrypt['ssl_cipher']) OR $ssl['cipher'] = $this->encrypt['ssl_cipher']; - if ( ! empty($ssl)) + if (isset($this->encrypt['ssl_verify'])) { - if (isset($this->encrypt['ssl_verify'])) + $client_flags |= MYSQLI_CLIENT_SSL; + + if ($this->encrypt['ssl_verify']) + { + defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT') && $this->_mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); + } + // Apparently (when it exists), setting MYSQLI_OPT_SSL_VERIFY_SERVER_CERT + // to FALSE didn't do anything, so PHP 5.6.16 introduced yet another + // constant ... + // + // https://secure.php.net/ChangeLog-5.php#5.6.16 + // https://bugs.php.net/bug.php?id=68344 + elseif (defined('MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT')) { - if ($this->encrypt['ssl_verify']) - { - defined('MYSQLI_OPT_SSL_VERIFY_SERVER_CERT') && $this->_mysqli->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, TRUE); - } - // Apparently (when it exists), setting MYSQLI_OPT_SSL_VERIFY_SERVER_CERT - // to FALSE didn't do anything, so PHP 5.6.16 introduced yet another - // constant ... - // - // https://secure.php.net/ChangeLog-5.php#5.6.16 - // https://bugs.php.net/bug.php?id=68344 - elseif (defined('MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT')) - { - $client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT; - } + $client_flags |= MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT; } + } + if ( ! empty($ssl)) + { $client_flags |= MYSQLI_CLIENT_SSL; $this->_mysqli->ssl_set( isset($ssl['key']) ? $ssl['key'] : NULL, diff --git a/user_guide_src/source/changelog.rst b/user_guide_src/source/changelog.rst index 966b4cb73..ddcb4ba57 100644 --- a/user_guide_src/source/changelog.rst +++ b/user_guide_src/source/changelog.rst @@ -10,6 +10,7 @@ Bug fixes for 3.1.10 - Fixed a bug (#5526) - :doc:`Session Library ` had a syntax error in its 'memcached' driver. - Fixed a bug (#5542) - :doc:`Database Forge ` method ``modify_column()`` always made fields ``NOT NULL`` when attempting to modify their nullable property under PostgreSQL. +- Fixed a bug (#5561) - :doc:`Database Library ` didn't allow SSL connection configuration with only the 'ssl_verify' option when using the 'mysqli' driver. Version 3.1.9 ============= -- cgit v1.2.3-24-g4f1b