Skip to content
Advertisement

Symfony 1.4 connect to mysql via SSL

I need to change an old Symfony 1.4 application so that it’s able to connect to mysql via ssl-connection.

I found a lot about this for Symfony >= 2. But unfortunately not for this dusty one.

For validation purposes I already made it work by editing

./apps/frontend/lib/vendor/symfony/lib/plugins/sfDoctrinePlugin/lib/vendor/doctrine/Connection.php

$this->dbh = new PDO($this->options['dsn'], $this->options['username'],
(!$this->options['password'] ? '':$this->options['password']), array(PDO::ATTR_PERSISTENT => true));

to

$this->dbh = new PDO($this->options['dsn'], $this->options['username'],
(!$this->options['password'] ? '':$this->options['password']),  
array(PDO::ATTR_PERSISTENT => true,                           
PDO::MYSQL_ATTR_SSL_KEY  => '/etc/my.cnf.d/ssl/client-key.pem',        
PDO::MYSQL_ATTR_SSL_CERT => '/etc/my.cnf.d/ssl/client-cert.pem',        
PDO::MYSQL_ATTR_SSL_CA   => '/etc/my.cnf.d/ssl/ca-cert.pem'));

But I wonder if this ugly hack is actually the only solution?

Advertisement

Answer

It took me a while to see that this connection class is already overwritten (apps/frontend/lib…).

So I only had to make these variables configurable. There is an option in databases.yml configuration called attributes (doctrine::param::attributes). If you pass non-string keys you can get them with getAttribute.

So at least it works (it’s inside the try area of connect-method).

$sslOptionKeys = array(PDO::MYSQL_ATTR_SSL_KEY, PDO::MYSQL_ATTR_SSL_CERT, PDO::MYSQL_ATTR_SSL_CA);

foreach($sslOptionKeys as $sslOptionKey) {
   if(array_key_exists($sslOptionKey, $this->pendingAttributes)) {
       $pdoOptions[$sslOptionKey] = $this->getAttribute($sslOptionKey);
   }
}

$this->dbh = new PDO($this->options['dsn'], $this->options['username'],
                     (!$this->options['password'] ? '':$this->options['password']),
                     $pdoOptions);

In databases.yml you will have to type the following (comments help to understand these numbers)

all:
  doctrine:
    class: sfDoctrineDatabase
    param:
      dsn:      mysql:host=localhost;dbname=db
      username: user
      password: pass
      encoding: utf8
      attributes:
        #PDO::MYSQL_ATTR_SSL_KEY
        1010: /etc/my.cnf.d/ssl/client-key.pem
        #PDO::MYSQL_ATTR_SSL_CERT
        1011: /etc/my.cnf.d/ssl/client-cert.pem
        #PDO::MYSQL_ATTR_SSL_CA
        1012: /etc/my.cnf.d/ssl/ca-cert.pem
User contributions licensed under: CC BY-SA
2 People found this is helpful
Advertisement