How to connect to the database in Bitrix via ssl?

K

kalnin_yuri2021-10-22 23:08:00

PHP

kalnin_yuri, 2021-10-22 23:08:00

In the Yandex cloud, they write this way of connecting to the Bitrix database

$conn = mysqli_init();
$conn->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
$conn->ssl_set(NULL, NULL, '~/.mysql/root.crt', NULL, NULL);
$conn->real_connect('rc1a-cz4mil27ne5v5y6k.mdb.yandexcloud.net', '0000', '<0000>', '0000', 3306, NULL, MYSQLI_CLIENT_SSL);

there are no such settings in the .settings.php and dbconn.php files. what to do?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

K

kalnin_yuri, 2021-10-26
@kalnin_yuri

Decided by adding files in the kernel. The strange thing is that in Bitrix the connection to the database occurs in two places. In addition to the class specified in .setting.php
in bitrix/modules/main/lib/db/mysqliconnection.php,
mysql_connect was replaced with

$connection = \mysqli_init();
$connection->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
$connection->ssl_set(NULL, NULL, '/var/www/www-root/data/.mysql/root.crt', NULL, NULL);

and in bitrix/modules/main/classes/mysql/database_mysqli.php

$this->db_Conn = mysqli_connect($persistentPrefix.$dbHost, $this->DBLogin, $this->DBPassword, $this->DBName, $dbPort);

changed to

$this->db_Conn = \mysqli_init();
$this->db_Conn->options(MYSQLI_OPT_SSL_VERIFY_SERVER_CERT, true);
$this->db_Conn->ssl_set(NULL, NULL, '/var/www/www-root/data/.mysql/root.crt', NULL, NULL);
$this->db_Conn->real_connect($persistentPrefix.$dbHost, $this->DBLogin, $this->DBPassword, $this->DBName, $dbPort);

A

Alexander, 2021-10-26
@AlexanderKs3

It seems that such an opportunity is not included in Bitrix. At least, if you look at the sources, /bitrix/modules/main/lib/db/mysqliconnection.php, then the connectInternal() method between mysqli_init() and real_connect() does not provide for setting options() and ssl_set(), only assignment non-standard port and MYSQLI_INIT_COMMAND, and at the end - the connection of the after_connect_d7.php file, which specifies additional. instructions after a successful connection to the database:

function connectInternal() code

protected function connectInternal()
{
  if ($this->isConnected)
    return;

  $host = $this->host;
  $port = 0;
  if (($pos = strpos($host, ":")) !== false)
  {
    $port = intval(substr($host, $pos + 1));
    $host = substr($host, 0, $pos);
  }
  if (($this->options & self::PERSISTENT) != 0)
    $host = "p:".$host;

  /** @var $connection \mysqli */
  $connection = \mysqli_init();
  if (!$connection)
    throw new ConnectionException('Mysql init failed');

  if (!empty($this->initCommand))
  {
    if (!$connection->options(MYSQLI_INIT_COMMAND, $this->initCommand))
      throw new ConnectionException('Setting mysql init command failed');
  }

  if ($port > 0)
    $r = $connection->real_connect($host, $this->login, $this->password, $this->database, $port);
  else
    $r = $connection->real_connect($host, $this->login, $this->password, $this->database);

  if (!$r)
  {
    throw new ConnectionException(
      'Mysql connect error ['.$this->host.']',
      sprintf('(%s) %s', $connection->connect_errno, $connection->connect_error)
    );
  }

  $this->resource = $connection;
  $this->isConnected = true;

  // nosql memcached driver
  if (isset($this->configuration['memcache']))
  {
    $memcached = \Bitrix\Main\Application::getInstance()->getConnectionPool()->getConnection($this->configuration['memcache']);
    mysqlnd_memcache_set($this->resource, $memcached->getResource());
  }

  $this->afterConnected();
}

The .settings.php file defines the connection class (className), perhaps it will come in handy for connecting your own, modif. class.