Skip to content

Commit

Permalink
Merge pull request #829 from oldskool/patch-1
Browse files Browse the repository at this point in the history 
Add PostgreSQL SSL options support
  • Loading branch information
@kimhemsoe
kimhemsoe committed Nov 29, 2018
2 parents b98183a + ca32f07 commit bca3c13
Show file tree
Hide file tree
Showing 6 changed files with 87 additions and 0 deletions.
15 changes: 15 additions & 0 deletions DependencyInjection/Configuration.php
View file
Expand Up @@ -239,6 +239,21 @@ private function configureDbalDriverNode(ArrayNodeDefinition $node)
'If the file exists, the server\'s certificate will be verified to be signed by one of these authorities.'
)
->end()
->scalarNode('sslcert')
->info(
'The path to the SSL client certificate file for PostgreSQL.'
)
->end()
->scalarNode('sslkey')
->info(
'The path to the SSL client key file for PostgreSQL.'
)
->end()
->scalarNode('sslcrl')
->info(
'The file name of the SSL certificate revocation list for PostgreSQL.'
)
->end()
->booleanNode('pooled')->info('True to use a pooled server with the oci8/pdo_oracle driver')->end()
->booleanNode('MultipleActiveResultSets')->info('Configuring MultipleActiveResultSets for the pdo_sqlsrv driver')->end()
->booleanNode('use_savepoints')->info('Use savepoints for nested transactions')->end()
Expand Down
3 changes: 3 additions & 0 deletions Resources/config/schema/doctrine-1.0.xsd
View file
Expand Up @@ -62,6 +62,9 @@
<xsd:attribute name="default_dbname" type="xsd:string" />
<xsd:attribute name="sslmode" type="xsd:string" />
<xsd:attribute name="sslrootcert" type="xsd:string" />
<xsd:attribute name="sslcert" type="xsd:string" />
<xsd:attribute name="sslkey" type="xsd:string" />
<xsd:attribute name="sslcrl" type="xsd:string" />
<xsd:attribute name="pooled" type="xsd:string" />
<xsd:attribute name="multiple-active-result-sets" type="xsd:string" />
<xsd:attribute name="connectstring" type="xsd:string" />
Expand Down
60 changes: 60 additions & 0 deletions Resources/doc/configuration.rst
View file
Expand Up @@ -71,6 +71,18 @@ Configuration Reference
# If the file exists, the server's certificate will be verified to be signed by one of these authorities.
sslrootcert: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLCERT).
# The name of a file containing the client SSL certificate.
sslcert: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLKEY).
# The name of a file containing the private key for the client SSL certificate.
sslkey: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLCRL).
# The name of a file containing the SSL certificate revocation list (CRL).
sslcrl: ~
# Oracle specific (SERVER=POOLED). True to use a pooled server with the oci8/pdo_oracle driver
pooled: ~
Expand Down Expand Up @@ -165,6 +177,18 @@ Configuration Reference
# If the file exists, the server's certificate will be verified to be signed by one of these authorities.
sslrootcert: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLCERT).
# The name of a file containing the client SSL certificate.
sslcert: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLKEY).
# The name of a file containing the private key for the client SSL certificate.
sslkey: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLCRL).
# The name of a file containing the SSL certificate revocation list (CRL).
sslcrl: ~
# Oracle specific (SERVER=POOLED). True to use a pooled server with the oci8/pdo_oracle driver
pooled: ~
Expand Down Expand Up @@ -217,6 +241,18 @@ Configuration Reference
# If the file exists, the server's certificate will be verified to be signed by one of these authorities.
sslrootcert: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLCERT).
# The name of a file containing the client SSL certificate.
sslcert: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLKEY).
# The name of a file containing the private key for the client SSL certificate.
sslkey: ~
# PostgreSQL specific (LIBPQ-CONNECT-SSLCRL).
# The name of a file containing the SSL certificate revocation list (CRL).
sslcrl: ~
# Oracle specific (SERVER=POOLED). True to use a pooled server with the oci8/pdo_oracle driver
pooled: ~
Expand Down Expand Up @@ -414,6 +450,9 @@ Configuration Reference
<!-- default_dbname: Override the default database (postgres) to connect to for PostgreSQL. -->
<!-- sslmode: Determines whether or with what priority a SSL TCP/IP connection will be negotiated with the server for PostgreSQL. -->
<!-- sslrootcert: The name of a file containing SSL certificate authority (CA) certificate(s). If the file exists, the server's certificate will be verified to be signed by one of these authorities. -->
<!-- sslcert: The name of a file containing a client SSL certificate -->
<!-- sslkey: The name of a file containing the private key used for the client SSL certificate -->
<!-- sslcrl: The name of a file containing the SSL certificate revocation list (CRL) -->
<!-- pooled: True to use a pooled server with the oci8/pdo_oracle driver -->
<!-- MultipleActiveResultSets: Configuring MultipleActiveResultSets for the pdo_sqlsrv driver -->
<!-- use-savepoints: Enable savepoints for nested transactions -->
Expand All @@ -437,6 +476,9 @@ Configuration Reference
default_dbname=""
sslmode=""
sslrootcert=""
sslcert=""
sslkey=""
sslcrl=""
pooled=""
MultipleActiveResultSets=""
use-savepoints="true"
Expand Down Expand Up @@ -476,6 +518,9 @@ Configuration Reference
<!-- default_dbname: Override the default database (postgres) to connect to for PostgreSQL. -->
<!-- sslmode: Determines whether or with what priority a SSL TCP/IP connection will be negotiated with the server for PostgreSQL. -->
<!-- sslrootcert: The name of a file containing SSL certificate authority (CA) certificate(s). If the file exists, the server's certificate will be verified to be signed by one of these authorities. -->
<!-- sslcert: The name of a file containing a client SSL certificate -->
<!-- sslkey: The name of a file containing the private key used for the client SSL certificate -->
<!-- sslcrl: The name of a file containing the SSL certificate revocation list (CRL) -->
<!-- pooled: True to use a pooled server with the oci8/pdo_oracle driver -->
<!-- MultipleActiveResultSets: Configuring MultipleActiveResultSets for the pdo_sqlsrv driver -->
<doctrine:slave
Expand All @@ -498,6 +543,9 @@ Configuration Reference
default_dbname=""
sslmode=""
sslrootcert=""
sslcert=""
sslkey=""
sslcrl=""
pooled=""
MultipleActiveResultSets=""
/>
Expand All @@ -514,6 +562,9 @@ Configuration Reference
<!-- default_dbname: Override the default database (postgres) to connect to for PostgreSQL. -->
<!-- sslmode: Determines whether or with what priority a SSL TCP/IP connection will be negotiated with the server for PostgreSQL. -->
<!-- sslrootcert: The name of a file containing SSL certificate authority (CA) certificate(s). If the file exists, the server's certificate will be verified to be signed by one of these authorities. -->
<!-- sslcert: The name of a file containing a client SSL certificate -->
<!-- sslkey: The name of a file containing the private key used for the client SSL certificate -->
<!-- sslcrl: The name of a file containing the SSL certificate revocation list (CRL) -->
<!-- pooled: True to use a pooled server with the oci8/pdo_oracle driver -->
<!-- MultipleActiveResultSets: Configuring MultipleActiveResultSets for the pdo_sqlsrv driver -->
<doctrine:shard
Expand All @@ -536,6 +587,9 @@ Configuration Reference
default_dbname=""
sslmode=""
sslrootcert=""
sslcert=""
sslkey=""
sslcrl=""
pooled=""
MultipleActiveResultSets=""
/>
Expand Down Expand Up @@ -917,6 +971,9 @@ can configure. The following block shows all possible configuration keys:
default_dbname: database # PostgreSQL specific (default_dbname)
sslmode: require # PostgreSQL specific (LIBPQ-CONNECT-SSLMODE)
sslrootcert: postgresql-ca.pem # PostgreSQL specific (LIBPQ-CONNECT-SSLROOTCERT)
sslcert: postgresql-cert.pem # PostgreSQL specific (LIBPQ-CONNECT-SSLCERT)
sslkey: postgresql-key.pem # PostgreSQL specific (LIBPQ-CONNECT-SSLKEY)
sslcrl: postgresql.crl # PostgreSQL specific (LIBPQ-CONNECT-SSLCRL)
wrapper_class: MyDoctrineDbalConnectionWrapper
charset: UTF8
logging: "%kernel.debug%"
Expand Down Expand Up @@ -964,6 +1021,9 @@ can configure. The following block shows all possible configuration keys:
default_dbname="database" <!-- PostgreSQL specific (default_dbname) -->
sslmode="require" <!-- PostgreSQL specific (LIBPQ-CONNECT-SSLMODE) -->
sslrootcert="postgresql-ca.pem" <!-- PostgreSQL specific (LIBPQ-CONNECT-SSLROOTCERT) -->
sslcert="postgresql-cert.pem" <!-- PostgreSQL specific (LIBPQ-CONNECT-SSLCERT) -->
sslkey="postgresql-key.pem" <!-- PostgreSQL specific (LIBPQ-CONNECT-SSLKEY) -->
sslcrl="postgresql.crl" <!-- PostgreSQL specific (LIBPQ-CONNECT-SSLCRL) -->
wrapper-class="MyDoctrineDbalConnectionWrapper"
charset="UTF8"
logging="%kernel.debug%"
Expand Down
3 changes: 3 additions & 0 deletions Tests/DependencyInjection/AbstractDoctrineExtensionTest.php
View file
Expand Up @@ -69,6 +69,9 @@ public function testDbalLoadFromXmlMultipleConnections()
$this->assertSame('pgsql_db', $config['default_dbname']);
$this->assertSame('require', $config['sslmode']);
$this->assertSame('postgresql-ca.pem', $config['sslrootcert']);
$this->assertSame('postgresql-cert.pem', $config['sslcert']);
$this->assertSame('postgresql-key.pem', $config['sslkey']);
$this->assertSame('postgresql.crl', $config['sslcrl']);
$this->assertSame('utf8', $config['charset']);

// doctrine.dbal.sqlanywhere_connection
Expand Down
3 changes: 3 additions & 0 deletions Tests/DependencyInjection/Fixtures/config/xml/dbal_service_multiple_connections.xml
View file
Expand Up @@ -48,6 +48,9 @@
default_dbname="pgsql_db"
sslmode="require"
sslrootcert="postgresql-ca.pem"
sslcert="postgresql-cert.pem"
sslkey="postgresql-key.pem"
sslcrl="postgresql.crl"
charset="utf8" />
<connection
name="sqlanywhere"
Expand Down
3 changes: 3 additions & 0 deletions Tests/DependencyInjection/Fixtures/config/yml/dbal_service_multiple_connections.yml
View file
Expand Up @@ -37,6 +37,9 @@ doctrine:
default_dbname: pgsql_db
sslmode: require
sslrootcert: postgresql-ca.pem
sslcert: postgresql-cert.pem
sslkey: postgresql-key.pem
sslcrl: postgresql.crl
charset: utf8
sqlanywhere:
driver: sqlanywhere
Expand Down

0 comments on commit bca3c13

Please sign in to comment.