stable
Clone or download
There are two levels of trustiness in MySQL: - use tls - verify CA I managed to test locally the first point but I didn't managed to have a setup where I can assert that the second point is valid. However I can confirm in my tests that whenever I set $sys_db_ssl_verify_cert = '1' in the config, I cannot connect to the DB so it's already a first test I guess... That said, not all the libs & apps seems to manage properly this setting. For instance, it's not possible to set it for Mediawiki and Python MySQLdb. However in both cases the libs/apps are wrapped into tuleap pages that will enforce the CA verification so it's not a big issue. You can test it locally with the settings proposed in src/etc/tuleap-mysql57-dev.cnf Part of story #14768 have a tuleap enterprise edition docker image production ready Change-Id: I288396d322efb4f86a5ea41a2b7cad170a9e2c44
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/mediawiki/www/LocalSettings.php | +4 | −0 | Go to diff View file |
| A | src/common/DB/DBConfig.php | +52 | −0 | Go to diff View file |
| M | src/common/DB/DBCreator.php | +13 | −1 | Go to diff View file |
| M | src/common/DB/DBFactory.php | +1 | −1 | Go to diff View file |
| A | src/common/DB/NoCaFileException.php | +32 | −0 | Go to diff View file |
| M | src/common/svn/SVN_Apache_ModPerl.class.php | +16 | −8 | Go to diff View file |
| M | src/common/svn/SVN_Apache_SvnrootConf.class.php | +1 | −0 | Go to diff View file |
| M | src/etc/database.inc.dist | +7 | −8 | Go to diff View file |
| M | src/etc/tuleap-mysql57-dev.cnf | +7 | −0 | Go to diff View file |
| M | src/utils/include.pl | +18 | −12 | Go to diff View file |
| M | src/utils/include.py | +17 | −8 | Go to diff View file |
| M | tests/psalm/Dockerfile | +2 | −1 | Go to diff View file |