From 3f80bcbc08ab05013af9e322bbb1a2216ce58dbb Mon Sep 17 00:00:00 2001
From: Carson Fleming <cflems@cflems.net>
Date: Fri, 20 Sep 2024 21:32:33 -0400
Subject: mysql over SSL support

---
 inc/config.sample.php | 9 +++++++++
 inc/db.php            | 7 ++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/inc/config.sample.php b/inc/config.sample.php
index 5c14806..27a1261 100644
--- a/inc/config.sample.php
+++ b/inc/config.sample.php
@@ -17,6 +17,15 @@ $b_config = array(
   'db_name' => '',
   'db_user' => '',
   'db_pass' => '',
+  // One of these two is necessary for SSL
+  'db_ssl_ca' => null,
+  // 'db_ssl_ca_dir' => '/etc/ssl/certs',
+  // These are necessary for SSL
+  'db_ssl_cert' => null,
+  'db_ssl_key' => null,
+  // These are optional for SSL
+  'db_ssl_verify_server' => true,
+  'db_ssl_cipher_algos' => null, 
 
   // Send emails from this address
   'mail_from' => 'Bulletin <noreply@bulletinalpha.tk>',
diff --git a/inc/db.php b/inc/db.php
index bb4b9f7..99fdc45 100644
--- a/inc/db.php
+++ b/inc/db.php
@@ -3,7 +3,12 @@ class bdb extends mysqli {
 
   public function __construct () {
     global $b_config;
-    parent::__construct($b_config['db_host'], $b_config['db_user'], $b_config['db_pass'], $b_config['db_name']);
+    parent::init();
+    if (!empty(@$b_config['db_ssl_key']) && !empty(@$b_config['db_ssl_cert'])) {
+      parent::options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, @$b_config['db_ssl_verify_server']);
+      parent::ssl_set(@$b_config['db_ssl_key'], @$b_config['db_ssl_cert'], @$b_config['db_ssl_ca'], @$b_config['db_ssl_ca_dir'], @$b_config['db_ssl_cipher_algos']);
+    }
+    parent::real_connect($b_config['db_host'], $b_config['db_user'], $b_config['db_pass'], $b_config['db_name']);
   }
 
 }
-- 
cgit v1.2.3