Skip to content

Commit

Permalink
Add SSL verification support
Browse files Browse the repository at this point in the history
  • Loading branch information
iquito committed Aug 25, 2024
1 parent 09fde8f commit d9f9809
Show file tree
Hide file tree
Showing 19 changed files with 520 additions and 10 deletions.
1 change: 1 addition & 0 deletions .gitattributes
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
/bin export-ignore
/build export-ignore
/tests export-ignore
/tools export-ignore
/examples export-ignore
Expand Down
4 changes: 2 additions & 2 deletions docker/Dockerfile/mariadb_ssl
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# syntax=docker/dockerfile:1
FROM mariadb:latest

COPY docker/ssl/squirrel.crt /etc/mysql/certs/server.crt
COPY docker/ssl/squirrel.key /etc/mysql/certs/server.key
COPY docker/ssl/db_ssl.crt /etc/mysql/certs/server.crt
COPY docker/ssl/db_ssl.key /etc/mysql/certs/server.key
COPY docker/ssl/DadaismCA.crt /etc/mysql/certs/ca.crt

RUN chmod 600 /etc/mysql/certs/server.key
Expand Down
4 changes: 2 additions & 2 deletions docker/Dockerfile/mysql_ssl
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# syntax=docker/dockerfile:1
FROM mysql/mysql-server:latest

COPY docker/ssl/squirrel.crt /etc/mysql/certs/server.crt
COPY docker/ssl/squirrel.key /etc/mysql/certs/server.key
COPY docker/ssl/db_ssl.crt /etc/mysql/certs/server.crt
COPY docker/ssl/db_ssl.key /etc/mysql/certs/server.key
COPY docker/ssl/DadaismCA.crt /etc/mysql/certs/ca.crt

RUN chmod 600 /etc/mysql/certs/server.key
Expand Down
4 changes: 2 additions & 2 deletions docker/Dockerfile/postgres_ssl
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
# syntax=docker/dockerfile:1
FROM postgres:latest

COPY docker/ssl/squirrel.crt /var/lib/postgresql/server.crt
COPY docker/ssl/squirrel.key /var/lib/postgresql/server.key
COPY docker/ssl/db_ssl.crt /var/lib/postgresql/server.crt
COPY docker/ssl/db_ssl.key /var/lib/postgresql/server.key
COPY docker/ssl/DadaismCA.crt /var/lib/postgresql/ca.crt

RUN chmod 600 /var/lib/postgresql/server.key
Expand Down
52 changes: 52 additions & 0 deletions docker/compose/coverage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,8 +46,11 @@ services:
- mysql
- mariadb
- postgres_ssl
- postgres_ssl_ca
- mysql_ssl
- mysql_ssl_ca
- mariadb_ssl
- mariadb_ssl_ca

postgres:
image: postgres:latest
Expand Down Expand Up @@ -94,6 +97,23 @@ services:
- --ssl_key_file=/var/lib/postgresql/server.key
- --ssl=on

postgres_ssl_ca:
build:
context: .
dockerfile: ./docker/Dockerfile/postgres_ssl
container_name: squirrel_connection_postgres_ssl_ca
volumes:
- ./docker/sql/postgres_init.sql:/docker-entrypoint-initdb.d/postgres_init.sql
environment:
POSTGRES_DB: 'shop'
POSTGRES_USER: 'user'
POSTGRES_PASSWORD: 'password'
command:
- --ssl_ca_file=/var/lib/postgresql/ca.crt
- --ssl_cert_file=/var/lib/postgresql/server.crt
- --ssl_key_file=/var/lib/postgresql/server.key
- --ssl=on

mysql_ssl:
build:
context: .
Expand All @@ -110,11 +130,43 @@ services:
- --ssl-key=/etc/mysql/certs/server.key
- --require-secure-transport=ON

mysql_ssl_ca:
build:
context: .
dockerfile: ./docker/Dockerfile/mysql_ssl
container_name: squirrel_connection_mysql_ssl_ca
environment:
MYSQL_ROOT_PASSWORD: 'whatever'
MYSQL_DATABASE: 'shop'
MYSQL_USER: 'user'
MYSQL_PASSWORD: 'password'
command:
- --ssl-ca=/etc/mysql/certs/ca.crt
- --ssl-cert=/etc/mysql/certs/server.crt
- --ssl-key=/etc/mysql/certs/server.key
- --require-secure-transport=ON

mariadb_ssl:
build:
context: .
dockerfile: ./docker/Dockerfile/mariadb_ssl
container_name: squirrel_connection_mariadb_ssl
environment:
MARIADB_ROOT_PASSWORD: 'whatever'
MARIADB_DATABASE: 'shop'
MARIADB_USER: 'user'
MARIADB_PASSWORD: 'password'
command:
- --ssl-ca=/etc/mysql/certs/ca.crt
- --ssl-cert=/etc/mysql/certs/server.crt
- --ssl-key=/etc/mysql/certs/server.key
- --require-secure-transport=ON

mariadb_ssl_ca:
build:
context: .
dockerfile: ./docker/Dockerfile/mariadb_ssl
container_name: squirrel_connection_mariadb_ssl_ca
environment:
MARIADB_ROOT_PASSWORD: 'whatever'
MARIADB_DATABASE: 'shop'
Expand Down
52 changes: 52 additions & 0 deletions docker/compose/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,8 +39,11 @@ services:
- mysql
- mariadb
- postgres_ssl
- postgres_ssl_ca
- mysql_ssl
- mysql_ssl_ca
- mariadb_ssl
- mariadb_ssl_ca

postgres:
image: postgres:latest
Expand Down Expand Up @@ -87,6 +90,23 @@ services:
- --ssl_key_file=/var/lib/postgresql/server.key
- --ssl=on

postgres_ssl_ca:
build:
context: .
dockerfile: ./docker/Dockerfile/postgres_ssl
container_name: squirrel_connection_postgres_ssl_ca
volumes:
- ./docker/sql/postgres_init.sql:/docker-entrypoint-initdb.d/postgres_init.sql
environment:
POSTGRES_DB: 'shop'
POSTGRES_USER: 'user'
POSTGRES_PASSWORD: 'password'
command:
- --ssl_ca_file=/var/lib/postgresql/ca.crt
- --ssl_cert_file=/var/lib/postgresql/server.crt
- --ssl_key_file=/var/lib/postgresql/server.key
- --ssl=on

mysql_ssl:
build:
context: .
Expand All @@ -103,11 +123,43 @@ services:
- --ssl-key=/etc/mysql/certs/server.key
- --require-secure-transport=ON

mysql_ssl_ca:
build:
context: .
dockerfile: ./docker/Dockerfile/mysql_ssl
container_name: squirrel_connection_mysql_ssl_ca
environment:
MYSQL_ROOT_PASSWORD: 'whatever'
MYSQL_DATABASE: 'shop'
MYSQL_USER: 'user'
MYSQL_PASSWORD: 'password'
command:
- --ssl-ca=/etc/mysql/certs/ca.crt
- --ssl-cert=/etc/mysql/certs/server.crt
- --ssl-key=/etc/mysql/certs/server.key
- --require-secure-transport=ON

mariadb_ssl:
build:
context: .
dockerfile: ./docker/Dockerfile/mariadb_ssl
container_name: squirrel_connection_mariadb_ssl
environment:
MARIADB_ROOT_PASSWORD: 'whatever'
MARIADB_DATABASE: 'shop'
MARIADB_USER: 'user'
MARIADB_PASSWORD: 'password'
command:
- --ssl-ca=/etc/mysql/certs/ca.crt
- --ssl-cert=/etc/mysql/certs/server.crt
- --ssl-key=/etc/mysql/certs/server.key
- --require-secure-transport=ON

mariadb_ssl_ca:
build:
context: .
dockerfile: ./docker/Dockerfile/mariadb_ssl
container_name: squirrel_connection_mariadb_ssl_ca
environment:
MARIADB_ROOT_PASSWORD: 'whatever'
MARIADB_DATABASE: 'shop'
Expand Down
43 changes: 43 additions & 0 deletions docker/ssl/db_ssl.crt
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
-----BEGIN CERTIFICATE-----
MIIHqTCCA5GgAwIBAgIUUPlbJMY3u30JSWDYxMXKxWcmkSEwDQYJKoZIhvcNAQEL
BQAwSTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUxEDAOBgNVBAoM
B0RhZGFpc20xEzARBgNVBAMMCkRhZGFpc20gQ0EwIBcNMjQwODI1MTU0NTI2WhgP
MjA1MjAxMTExNTQ1MjZaMB8xCzAJBgNVBAYTAkxJMRAwDgYDVQQKDAdQYW5heGlz
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8wMlG5OXajlcIZDeSoD0
+MG8vLjHl+9kndGkQ02y0dh0sX9Ygtdh6FG0tPayom67jOo6VYFFFlhf+6yW+pl/
eI7qq+TGYG9Kc8jVPGG6led7HuHvyErWl+va89nMFquu8pGKmgud/kGkdsm3ny5w
tlCJr2j6OtnNHAlRew1XK7W79PXi24Vg/7gYK83SqcSTQJ6qAzLAt+N8haX6a+6L
JgQzyvOITgcj9lcOGxYVqMnQWkKp4V44ki0MQQ3n/fCQobhcVQ4id4QzUhGTQbOt
XfIgr3gqQhks2pTUsemv8d3a94X53K7DZSUASBzvyQQuPtE7iHXZ91vSDnRXSNyh
5jZok0qD/Yy7goKMHd3wbY0f3PDtdFLCPnWvWJ00LoO2pDoyZUEEn84kitXjN3Om
PwN3dBTPok6rSn3XW40Rgfl2sa1xH5iUN6eEpZv3qlW82XiHTXdM7OwVIelKqrBM
qRTJ83GS1NQEjV0yunuI1IDVk+CtPusk2Ryu7A8tcFzRBuE+RsNF6fkvy9kqLqy4
R01bF/afvliRsou/fSeQjFdIqmkQsmzwWwWKsLGP4DHQmtyw07zXpYTSSRWf7S33
I1gC8cqxXJSKT3MiCb3MG0Cvlj8J2hVzVtY5wXR7tiIDoJTsmNiXaXVk25xKWguZ
QkWlZD2PxvVdX+fQOaWjyEMCAwEAAaOBsDCBrTBrBgNVHREEZDBigh1zcXVpcnJl
bF9jb25uZWN0aW9uX215c3FsX3NzbIIfc3F1aXJyZWxfY29ubmVjdGlvbl9tYXJp
YWRiX3NzbIIgc3F1aXJyZWxfY29ubmVjdGlvbl9wb3N0Z3Jlc19zc2wwHQYDVR0O
BBYEFJNAdMr6va/O7ewVjcmTuSqnLoREMB8GA1UdIwQYMBaAFDtMMiNpFFfPlyPQ
vsZLpM3fRI5EMA0GCSqGSIb3DQEBCwUAA4IEAQBY5XqyBXpR3KAWQz1Pg5E162Yq
MSV60dnOv7o0/W9ZOFSONp9NAB3njI/kLg90tY4K+Ww+F6DOsFbJANLRu5QiOa7F
OaVRq0F5oGC3eQfddCmh34K3IUfRisSxPYYhyL+CdWRYsmpAx6hZCZqUbxgiLZEF
UXpGh40+VkLDIZqGi+iZLxuTn4lb4KYPeJzrRAl1xgJETti/2O3c/AJMej4LuNr8
8U44IIrFjLe+EG8hRvuixzucmzwgU/YALnNQesGSYQSbsF9XR06XaTPkuJWHoior
FDGEpGCuwGLTYZ4KnF2Zmf+tXSmLifNBo/2Dc1niBHaHsSFVQUUhPKQ3WbsGfmv9
T4Y1X2K2QWz8uqXQ4xXKHHx4zA1oxRg8F/23vYr3wFx+V7z3Ufdzyaeyj1MXNXht
nz1wKeFQiqJKIb3Xpz2eXeDG2s6/5ncBTL/YcOryWrFsDGQPlBJyvV07UrsIpznG
Y1aiBBzX9Lo5XpIwWbyJWrJ6A2QNNzXEOhxQfzx/VSnaQ0Bni8CMwpwB6+IaZ9a7
u+Whhbc3M9a/EY+ljeYzwTnDXGB0B3ILpgy6fTQzFUOvRMiPHd+cB5sPxjyMizRJ
WKDr1LUz3Dgxoc1Vi+Ig6waiuybYe2DgSLin7XuEFw0tE4UuiM+Pa6YhOp7B8WL8
Q3od0Remrgk4QH8DjsSt/rfHg9dmvbGe298QIEs4MD5Xriw1jcEQCaIHV3fyG1VL
2GmvEypPKMCNfdxH5JCs1AfPERwGRv10mLbhqmaMm1PSyLV2oxyobufZYRc4o8tm
VLQrQd5dh42z1ejaLPiC+Hlon12HheQEBp2s0n8iw/ZDRf9pVmjUo4bPIxvzeTzS
pTnFaup8UehvkBdCE7wT+Y+ukkkBdAAjBQGoWKIvSBL0STcYYRPIWW5sRwbyBgLR
ss5MmrWonEKv0t9B423Qr809GvoCq1Q7wuYK6sdCLEwFUWiBQFq2iftNANi5OxRb
3gimKiGoloWscxUF94XM1f2V3PphKNyTWFtVX+hP8CdDUhGeEp2mSEA6tdltU1Uu
GqrN9LnCbyGW2/XZm3JBDN2fvhpiAUlGjM7BNmtavUbXESzErbbUeUQb/euSdJ7+
i7eCLytWKDkcogiojTvLHsHxasKdB6+SXmwB12Dkk2pK/O1tvwYnepY2oMEbHdTC
CkCjNA8zznVZMk2UjXskZAuEjfJ8OdoI4RKQAD3gLpoy/H60bw5pxdbQCCRsSxmn
Esd91A4gIcNTXFbCFJ92+BTi7DPnYn0eAOF7g5ubNX8iQTXxmjQqHaiy6zX28saE
Eu3ZyQQOvLlVSmS7xN1jgcIIKjMp7rvD/I222gXB4RoE0moRfmuTEKDtalOw
-----END CERTIFICATE-----
52 changes: 52 additions & 0 deletions docker/ssl/db_ssl.key
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDzAyUbk5dqOVwh
kN5KgPT4wby8uMeX72Sd0aRDTbLR2HSxf1iC12HoUbS09rKibruM6jpVgUUWWF/7
rJb6mX94juqr5MZgb0pzyNU8YbqV53se4e/IStaX69rz2cwWq67ykYqaC53+QaR2
ybefLnC2UImvaPo62c0cCVF7DVcrtbv09eLbhWD/uBgrzdKpxJNAnqoDMsC343yF
pfpr7osmBDPK84hOByP2Vw4bFhWoydBaQqnhXjiSLQxBDef98JChuFxVDiJ3hDNS
EZNBs61d8iCveCpCGSzalNSx6a/x3dr3hfncrsNlJQBIHO/JBC4+0TuIddn3W9IO
dFdI3KHmNmiTSoP9jLuCgowd3fBtjR/c8O10UsI+da9YnTQug7akOjJlQQSfziSK
1eM3c6Y/A3d0FM+iTqtKfddbjRGB+XaxrXEfmJQ3p4Slm/eqVbzZeIdNd0zs7BUh
6UqqsEypFMnzcZLU1ASNXTK6e4jUgNWT4K0+6yTZHK7sDy1wXNEG4T5Gw0Xp+S/L
2SourLhHTVsX9p++WJGyi799J5CMV0iqaRCybPBbBYqwsY/gMdCa3LDTvNelhNJJ
FZ/tLfcjWALxyrFclIpPcyIJvcwbQK+WPwnaFXNW1jnBdHu2IgOglOyY2JdpdWTb
nEpaC5lCRaVkPY/G9V1f59A5paPIQwIDAQABAoICAAKAvsoY7A9RBezmlBOKXnuN
a0c6U/vxoESr2xhCXZwhsZn+aMf4Ne7xoH3YqKBZqZ7a7rzgtvhy8pIiBfAQ0qpI
NoyMr6pgmxC0OdYEX6qZlsALra+PbcRkzn2CecKmBAhFjXrmsbrjrDD5BOYj0U9f
ZvuihilDAwTN58PvsD0oAwaT3cFLD2Oy3rTcytWqy6V3vOKJjEiYlDjAK+Mestoy
YuItPfMnyawI24FV6eUyJu43D47drJF820p0PTZ1Wtf/kRvjKGG4v9qRicW8dwWn
r8R+5ViG79pUfBhVAtXn5hB0lc07E5IgHm+ftKyKWXuWJhnStOsCTBiQBDIg653x
P/fkPx68eq9Z6WHp+TWB1/hl9qGq5svwx8DM7J+gantVB1+Zs6XaH62lURvE2uPh
CKTGjwro/tGDpMBDnujdzza/O83nZ3PLSUB8FlIzDQD3+nfShtJfR9yXANhg3Pew
yLB73DIUrvc/LlnaNfagiHCq+7rRRbEFM5prStoGXZlvSYxpg1Nlv8mIcgTZn4sM
DUWTvKJBlB6osqwNLMgmb1uNCECWCVOjHkZ4o1/jlp5gOJuCjh0v+mN3iwiZoKf0
U8OIxHrWz+o7Hw+WhYHqKSO3fLndxReRSvrMJ1lY9hkB11r3y2vYI7ZJLf/BT0Ws
5ccxtIgA1a153tDvM7e5AoIBAQD+OxO1mMxwPo8UbxVlwp6a6khE2Y6UCzLFOd3j
G6QUAOFsSTezmUXOZT/6ANypVBm0eydcwnipI4YMvwl6zme1Ay2wGlGlquo02/ef
0yWIHEY1pJO9e14c0iZzacjbMg3TVq4FtB4o+krP6SX5Fnkxr1+rsA6UC48W+wv7
qwScEpNVTJtniDpE+h/amM/BImv3jiy7041a9Rsv2y72ZrelanDTCFJceRPRVpJ9
wjRKqbx2bQ/w5TS3O/sATW4DIjEYD9mLXCpmH/9woJZCnDlDhHROABKeBaXwMvGA
P42V1V3X6yuxb7CHR9a/bKz9ZE9WlxKeoGruwJZtqA2SJbKvAoIBAQD0tBTtqTUO
S7Yko1tkaSt3JfB6YiowURW14nxdxmltA5rJ2cTZLVKAHW+mH2IClJ3xHDrRJsZE
KeWkMcQWXjl5I0flnax+uQ+6Ukug0JgBISMB3d7lMGk5XZRaaCIJsJVIIgIVhTsT
UZZP//27BrVid0oLHqOiYNuyyaMOGN3T2XRZITDVlSO6lkak2nSseqzXAcbRSJdP
Y5y820xakN22/DEYMXrh2aFMgmasd2Ez8ux+KhPCOpj4OZjSwxUabTATTcpMOOaZ
FJVmhPmEod/W1731a9+ND+LQlJ76oHjVNXqDOH3Ikm5h9Kf8PIP6eZm+Vrj5rp3g
zrs8mylqGHitAoIBACy1LOkhfso6ZiT8x/GGQSgTDTR2YdltAremTnvyz27pHLtT
QOVnjdwW+CI55pQsgvy3L5vjYx6zbY5uRfd/tsMhVPaEGlmc7eTvzeMgWZhPCJXE
ZGrM+CbvWe2v66+IZOAGfUHpg+hG48MeSBw+tH9lTNi/dEDaq4YqDdhrIbtklN5K
Q4X4ce7RYaqqdtaK/BujuAAr2s7lDavjyqVwONlxF3g1HW6/qBmHNOnCrjl3Efpt
gYEmfZe/h4ttEmygpauKlgIo6hfdhqlCxEngeT2DXISfBKcfbSgJfWjFRFvWEtO2
uo9QieWwX3Z4YQ+KhV0/4fldUpC783hDNme+E2cCggEAOutxbpgjckHApam/w7mf
AZ1c/drNFb0wYQ8bquivUdRgXOHWiARlrPtperJrwvtN3FRTxTB05MzBwntJH6mo
ZQadtSf19L1SkCZol1wifYMhDr4BgWXasDlcEzinmXWvPCMUJWJjCw/GBZU53uKK
oh7e8TZ7aAmyXKY4YJiUMQJXBW78dzDl3XN5pxACr9UJ8Os4mAPGixMNFlwnUlc3
S2wF1jFzyRXBxM5RMo28FeoUD3zKLSY21u3nYjgeyLIptTwxzZCV1Z4jKwAxpEHl
x7FCx+kldq2wi1B9xxMEhTHPQfFEOBsqAOQL3qwjixfkcPQordXhpdOhOcKSgj1K
MQKCAQEA31YIsVhBEQeda61dtI/9J5Eke6StlKzDroSdc3YRgeTlevlaIJ8eyVR0
Tl+xxkZg++5St/+FRwJNozDZ/x7hHAJMSmh00xQdFPRF4f8iMOC9qblbaqqKrUbq
FCZUeQVyfvBNYVKIRlMRzUN44dHfMyDQiLK9Yv3/ZPrrH4ankj8oT6E7qp7P0MG8
zflI/3L3FbEkKI81+vAv1qc8zLljI6iV3wKsidUBYgT3HZnox1ahVAvITd7ldEYH
n+f/xF44o6lePckA3QcOF/FZwgLjgxhkKb6JOOntR4Y99IyLVvwFVeIhI41Mrv9F
2orSt1qNusNcYTps2pbCCAixEEZS/g==
-----END PRIVATE KEY-----
1 change: 1 addition & 0 deletions src/Config/Ssl.php
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ public function __construct(
public string $rootCertificatePath,
public string $privateKeyPath,
public string $certificatePath,
public SslVerification $verification = SslVerification::CaAndHostname,
) {
}
}
10 changes: 10 additions & 0 deletions src/Config/SslVerification.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
<?php

namespace Squirrel\Connection\Config;

enum SslVerification
{
case None;
case Ca;
case CaAndHostname;
}
19 changes: 15 additions & 4 deletions src/PDO/ConnectionPDO.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
use Squirrel\Connection\Config\Mysql;
use Squirrel\Connection\Config\Pgsql;
use Squirrel\Connection\Config\Sqlite;
use Squirrel\Connection\Config\SslVerification;
use Squirrel\Connection\ConnectionInterface;
use Squirrel\Connection\ConnectionQueryInterface;
use Squirrel\Connection\Exception\InvalidArgumentException;
Expand Down Expand Up @@ -37,7 +38,12 @@ public function __construct(
$options[PDO::MYSQL_ATTR_SSL_CA] = $this->config->ssl->rootCertificatePath;
$options[PDO::MYSQL_ATTR_SSL_KEY] = $this->config->ssl->privateKeyPath;
$options[PDO::MYSQL_ATTR_SSL_CERT] = $this->config->ssl->certificatePath;
$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = false;

$options[PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT] = match ($this->config->ssl->verification) {
SslVerification::None => false,
SslVerification::Ca => throw new InvalidArgumentException('Mysql SSL connections do not support to only verify the CA - only no verification or both CA and hostname verification are supported by the PHP driver'),
SslVerification::CaAndHostname => true,
};
}
}

Expand All @@ -54,15 +60,20 @@ public function __construct(
};

if ($this->config instanceof Pgsql) {
$this->dsn = 'pgsql:host=' . $this->config->host . ';port=' . $this->config->port . ( $this->config->dbname !== null ? ';dbname=' . $this->config->dbname : '' ) . ';options=\'--client_encoding=' . $this->config->charset . '\'' . ( $this->config->ssl !== null ? ';sslmode=verify-ca;sslcert=' . $this->config->ssl->certificatePath . ';sslkey=' . $this->config->ssl->privateKeyPath . ';sslrootcert=' . $this->config->ssl->rootCertificatePath : '' );
$sslmode = match ($this->config->ssl?->verification) {
null => 'prefer',
SslVerification::None => 'require',
SslVerification::Ca => 'verify-ca',
SslVerification::CaAndHostname => 'verify-full',
};

$this->dsn = 'pgsql:host=' . $this->config->host . ';port=' . $this->config->port . ( $this->config->dbname !== null ? ';dbname=' . $this->config->dbname : '' ) . ';options=\'--client_encoding=' . $this->config->charset . '\'' . ';sslmode=' . $sslmode . ( $this->config->ssl !== null ? ';sslcert=' . $this->config->ssl->certificatePath . ';sslkey=' . $this->config->ssl->privateKeyPath . ';sslrootcert=' . $this->config->ssl->rootCertificatePath : '' );
} elseif ($this->config instanceof Sqlite) {
$this->dsn = 'sqlite:' . ( $this->config->path !== null ? $this->config->path : ':memory:' );
} else {
$this->dsn = 'mysql:host=' . $this->config->host . ';port=' . $this->config->port . ( $this->config->dbname !== null ? ';dbname=' . $this->config->dbname : '' ) . ';charset=' . $this->config->charset;
}



$this->connect();
}

Expand Down
1 change: 1 addition & 0 deletions src/PDO/ConnectionQueryPDO.php
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
use PDOStatement;
use Squirrel\Connection\ConnectionQueryInterface;

/** @internal */
readonly class ConnectionQueryPDO implements ConnectionQueryInterface
{
public function __construct(
Expand Down
Loading

0 comments on commit d9f9809

Please sign in to comment.