user |**Optional.** MySQL database user with read/write permission to the icinga database. Defaults to "icinga".
password |**Optional.** MySQL database user's password. Defaults to "icinga".
database |**Optional.** MySQL database name. Defaults to "icinga".
+ enable\_ssl |**Optional.** Use SSL. Defaults to false. Change to `true` in case you want to use any of the SSL options.
+ ssl\_key |**Optional.** MySQL SSL client key file path.
+ ssl\_cert |**Optional.** MySQL SSL certificate file path.
+ ssl\_ca |**Optional.** MySQL SSL certificate authority certificate file path.
+ ssl\_capath |**Optional.** MySQL SSL trusted SSL CA certificates in PEM format directory path.
+ ssl\_cipher |**Optional.** MySQL SSL list of allowed ciphers.
table\_prefix |**Optional.** MySQL database table prefix. Defaults to "icinga\_".
instance\_name |**Optional.** Unique identifier for the local Icinga 2 instance. Defaults to "default".
instance\_description|**Optional.** Description for the Icinga 2 instance.
ClearIDCache();
String ihost, isocket_path, iuser, ipasswd, idb;
+ String isslKey, isslCert, isslCa, isslCaPath, isslCipher;
const char *host, *socket_path, *user , *passwd, *db;
+ const char *sslKey, *sslCert, *sslCa, *sslCaPath, *sslCipher;
+ bool enableSsl;
long port;
ihost = GetHost();
ipasswd = GetPassword();
idb = GetDatabase();
+ enableSsl = GetEnableSsl();
+ isslKey = GetSslKey();
+ isslCert = GetSslCert();
+ isslCa = GetSslCa();
+ isslCaPath = GetSslCapath();
+ isslCipher = GetSslCipher();
+
host = (!ihost.IsEmpty()) ? ihost.CStr() : NULL;
port = GetPort();
socket_path = (!isocket_path.IsEmpty()) ? isocket_path.CStr() : NULL;
passwd = (!ipasswd.IsEmpty()) ? ipasswd.CStr() : NULL;
db = (!idb.IsEmpty()) ? idb.CStr() : NULL;
+ sslKey = (!isslKey.IsEmpty()) ? isslKey.CStr() : NULL;
+ sslCert = (!isslCert.IsEmpty()) ? isslCert.CStr() : NULL;
+ sslCa = (!isslCa.IsEmpty()) ? isslCa.CStr() : NULL;
+ sslCaPath = (!isslCaPath.IsEmpty()) ? isslCaPath.CStr() : NULL;
+ sslCipher = (!isslCipher.IsEmpty()) ? isslCipher.CStr() : NULL;
+
/* connection */
if (!mysql_init(&m_Connection)) {
Log(LogCritical, "IdoMysqlConnection")
BOOST_THROW_EXCEPTION(std::bad_alloc());
}
+ if (enableSsl)
+ mysql_ssl_set(&m_Connection, sslKey, sslCert, sslCa, sslCaPath, sslCipher);
+
if (!mysql_real_connect(&m_Connection, host, user, passwd, db, port, socket_path, CLIENT_FOUND_ROWS | CLIENT_MULTI_STATEMENTS)) {
Log(LogCritical, "IdoMysqlConnection")
<< "Connection to database '" << db << "' with user '" << user << "' on '" << host << ":" << port
- << "' failed: \"" << mysql_error(&m_Connection) << "\"";
+ << "' " << (enableSsl ? "(SSL enabled) " : "") << "failed: \"" << mysql_error(&m_Connection) << "\"";
BOOST_THROW_EXCEPTION(std::runtime_error(mysql_error(&m_Connection)));
}
[config] String database {
default {{{ return "icinga"; }}}
};
+ [config] bool enable_ssl;
+ [config] String ssl_key;
+ [config] String ssl_cert;
+ [config] String ssl_ca;
+ [config] String ssl_capath;
+ [config] String ssl_cipher;
[config] String instance_name {
default {{{ return "default"; }}}
};
projects / icinga2 / commitdiff