mirror/1Panel
1
0
Fork 0
mirror of https://github.com/1Panel-dev/1Panel.git synced 2024-11-27 20:49:03 +08:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

fix: 修改 Mysql 远程数据库添加校验 (#3939)

Browse Source 
Refs #3936
This commit is contained in:
ssongliu 2024-02-21 17:00:30 +08:00 committed by GitHub
parent 61ff55e157
commit 2475c82a63
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 16 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
backend/utils/mysql/client/info.go
View File

@ -5,6 +5,7 @@ import (
"crypto/x509"
"errors"
"github.com/1Panel-dev/1Panel/backend/global"
"github.com/go-sql-driver/mysql"
)
@ -124,22 +125,27 @@ func ConnWithSSL(ssl, skipVerify bool, clientKey, clientCert, rootCert string) (
if !ssl {
return "", nil
}
pool := x509.NewCertPool()
tlsConfig := &tls.Config{
InsecureSkipVerify: skipVerify,
}
if len(rootCert) != 0 {
pool := x509.NewCertPool()
if ok := pool.AppendCertsFromPEM([]byte(rootCert)); !ok {
global.LOG.Error("append certs from pem failed")
return "", errors.New("unable to append root cert to pool")
}
tlsConfig.RootCAs = pool
tlsConfig.VerifyPeerCertificate = VerifyPeerCertFunc(pool)
}
cert, err := tls.X509KeyPair([]byte(clientCert), []byte(clientKey))
if err != nil {
return "", err
if len(clientCert) != 0 && len(clientKey) != 0 {
cert, err := tls.X509KeyPair([]byte(clientCert), []byte(clientKey))
if err != nil {
return "", err
}
tlsConfig.Certificates = []tls.Certificate{cert}
}
if err := mysql.RegisterTLSConfig("cloudsql", &tls.Config{
RootCAs: pool,
Certificates: []tls.Certificate{cert},
InsecureSkipVerify: skipVerify,
VerifyPeerCertificate: VerifyPeerCertFunc(pool),
}); err != nil {
if err := mysql.RegisterTLSConfig("cloudsql", tlsConfig); err != nil {
global.LOG.Errorf("register tls config failed, err: %v", err)
return "", err
}
return "&tls=cloudsql", nil

4
frontend/src/views/database/mysql/remote/operate/index.vue
View File

@ -176,10 +176,6 @@ const rules = reactive({
port: [Rules.port],
username: [Rules.requiredInput],
password: [Rules.requiredInput],
clientKey: [Rules.requiredInput],
clientCert: [Rules.requiredInput],
rootCert: [Rules.requiredInput],
});
type FormInstance = InstanceType<typeof ElForm>;