• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Possible bug in Connection.php --> Connection to encrypted ssl database

Hi, i started a thread a few days ago, about having problems with connecting to database encrypted with ssl...
The problem is the following:

I need to make a:
mysqli->ssl_set(null, null,null,....), and then
mysqli_real_connect($mysqli, $hostname,$username, $password, $database, $port,null, MYSQLI_CLIENT_SSL);

The problem is that seeing the documentation, there is not so much information of how to do this (is all done automatically filling the encrypt array of the database configs), so i started dagging into codeigniter libraries...

I found the class that make the connection that is Connection.php, and seeing the code, i realize that it is impossible to gather a connection as i want, because in order to set the clientFlag to MYSQLI_CLIENT_SSL, it is needed that one of the paths of the encrypt part of the database config is fullfill (line 130 if (!empty($ssl)):

$ssl = [];

            empty($this->encrypt['ssl_key'])    || $ssl['key']    = $this->encrypt['ssl_key'];
            empty($this->encrypt['ssl_cert'])   || $ssl['cert']   = $this->encrypt['ssl_cert'];
            empty($this->encrypt['ssl_ca'])     || $ssl['ca']     = $this->encrypt['ssl_ca'];
            empty($this->encrypt['ssl_capath']) || $ssl['capath'] = $this->encrypt['ssl_capath'];
            empty($this->encrypt['ssl_cipher']) || $ssl['cipher'] = $this->encrypt['ssl_cipher'];

            if (! empty($ssl))


I need to make this type of connection automatically with the driver of mysqli (in other apps that dont use codeigniter is done), without putting any path.
                    $ssl['key'] ?? null$ssl['cert'] ?? null$ssl['ca'] ?? null,
                    $ssl['capath'] ?? null$ssl['cipher'] ?? null
this should also be null, null,null ...

And then the call to:
                $this->database$port$socket(should be null)$clientFlags).

I realize that changing the code of Connection.php, the line number 130:

if (! empty($ssl))  --> to if (empty($ssl)) 

or without that if, the connection is done correctly. Is this a bug?

In few words, i want to make an ssl connection with all the params of ssl_set to null so all the paths should be null.

What would be the solution?

this id the Database.php encrypt array that i have:
'encrypt' => array(
            'ssl_ca' => '',
            'ssl_verify' =>false),


If i put the real path in 'ssl_ca', this wont work. Is there a way to access to this part of Connection.php, without putting any path? Because the actual mysqli version support making this connections with the paths to NULL.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.