ENGCOM-2983: Feature/issue 13561 2.3 #18075

Author: sivaschenko

lib/internal/Magento/Framework/Config/ConfigOptionsListConstants.php

@@ -21,6 +21,7 @@ class ConfigOptionsListConstants
     const CONFIG_PATH_CRYPT_KEY = 'crypt/key';
     const CONFIG_PATH_SESSION_SAVE = 'session/save';
     const CONFIG_PATH_RESOURCE_DEFAULT_SETUP = 'resource/default_setup/connection';
+    const CONFIG_PATH_DB_CONNECTION_DEFAULT_DRIVER_OPTIONS = 'db/connection/default/driver_options';
     const CONFIG_PATH_DB_CONNECTION_DEFAULT = 'db/connection/default';
     const CONFIG_PATH_DB_CONNECTIONS = 'db/connection';
     const CONFIG_PATH_DB_PREFIX = 'db/table_prefix';
@@ -64,6 +65,10 @@ class ConfigOptionsListConstants
     const INPUT_KEY_DB_MODEL = 'db-model';
     const INPUT_KEY_DB_INIT_STATEMENTS = 'db-init-statements';
     const INPUT_KEY_DB_ENGINE = 'db-engine';
+    const INPUT_KEY_DB_SSL_KEY = 'db-ssl-key';
+    const INPUT_KEY_DB_SSL_CERT = 'db-ssl-cert';
+    const INPUT_KEY_DB_SSL_CA = 'db-ssl-ca';
+    const INPUT_KEY_DB_SSL_VERIFY = 'db-ssl-verify';
     const INPUT_KEY_RESOURCE = 'resource';
     const INPUT_KEY_SKIP_DB_VALIDATION = 'skip-db-validation';
     const INPUT_KEY_CACHE_HOSTS = 'http-cache-hosts';
@@ -104,6 +109,20 @@ class ConfigOptionsListConstants
     const KEY_MODEL = 'model';
     const KEY_INIT_STATEMENTS = 'initStatements';
     const KEY_ACTIVE = 'active';
+    const KEY_DRIVER_OPTIONS = 'driver_options';
+    /**#@-*/
+
+    /**#@+
+     * Array keys for database driver options configurations
+     */
+    const KEY_MYSQL_SSL_KEY = \PDO::MYSQL_ATTR_SSL_KEY;
+    const KEY_MYSQL_SSL_CERT = \PDO::MYSQL_ATTR_SSL_CERT;
+    const KEY_MYSQL_SSL_CA = \PDO::MYSQL_ATTR_SSL_CA;
+    /**
+     * Constant \PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT cannot be used as it was introduced in PHP 7.1.4
+     * and Magento 2 is currently supporting PHP 7.1.3.
+     */
+    const KEY_MYSQL_SSL_VERIFY = 1014;
     /**#@-*/
 
     /**

setup/src/Magento/Setup/Controller/DatabaseCheck.php

@@ -5,11 +5,15 @@
  */
 namespace Magento\Setup\Controller;
 
+use Magento\Framework\Config\ConfigOptionsListConstants;
 use Magento\Setup\Validator\DbValidator;
 use Zend\Json\Json;
 use Zend\Mvc\Controller\AbstractActionController;
 use Zend\View\Model\JsonModel;
 
+/**
+ * Class DatabaseCheck
+ */
 class DatabaseCheck extends AbstractActionController
 {
     /**
@@ -37,12 +41,45 @@ public function indexAction()
         try {
             $params = Json::decode($this->getRequest()->getContent(), Json::TYPE_ARRAY);
             $password = isset($params['password']) ? $params['password'] : '';
-            $this->dbValidator->checkDatabaseConnection($params['name'], $params['host'], $params['user'], $password);
+            $driverOptions = [];
+            if ($this->isDriverOptionsGiven($params)) {
+                if (empty($params['driverOptionsSslVerify'])) {
+                    $params['driverOptionsSslVerify'] = 0;
+                }
+                $driverOptions = [
+                    ConfigOptionsListConstants::KEY_MYSQL_SSL_KEY => $params['driverOptionsSslKey'],
+                    ConfigOptionsListConstants::KEY_MYSQL_SSL_CERT => $params['driverOptionsSslCert'],
+                    ConfigOptionsListConstants::KEY_MYSQL_SSL_CA => $params['driverOptionsSslCa'],
+                    ConfigOptionsListConstants::KEY_MYSQL_SSL_VERIFY => (int) $params['driverOptionsSslVerify'],
+                ];
+            }
+            $this->dbValidator->checkDatabaseConnectionWithDriverOptions(
+                $params['name'],
+                $params['host'],
+                $params['user'],
+                $password,
+                $driverOptions
+            );
             $tablePrefix = isset($params['tablePrefix']) ? $params['tablePrefix'] : '';
             $this->dbValidator->checkDatabaseTablePrefix($tablePrefix);
             return new JsonModel(['success' => true]);
         } catch (\Exception $e) {
             return new JsonModel(['success' => false, 'error' => $e->getMessage()]);
         }
     }
+
+    /**
+     * Is Driver Options Given
+     *
+     * @param array $params
+     * @return bool
+     */
+    private function isDriverOptionsGiven($params)
+    {
+        return !(
+            empty($params['driverOptionsSslKey']) ||
+            empty($params['driverOptionsSslCert']) ||
+            empty($params['driverOptionsSslCa'])
+        );
+    }
 }

setup/src/Magento/Setup/Model/ConfigGenerator.php

@@ -14,10 +14,12 @@
 use Magento\Framework\Config\ConfigOptionsListConstants;
 use Magento\Framework\App\State;
 use Magento\Framework\Math\Random;
+use Magento\Setup\Model\ConfigOptionsList\DriverOptions;
 
 /**
  * Creates deployment config data based on user input array
- * this class introduced to break down Magento\Setup\Model\ConfigOptionsList::createConfig
+ *
+ * This class introduced to break down {@see Magento\Setup\Model\ConfigOptionsList::createConfig}
  */
 class ConfigGenerator
 {
@@ -61,28 +63,37 @@ class ConfigGenerator
      */
     private $cryptKeyGenerator;
 
+    /**
+     * @var DriverOptions
+     */
+    private $driverOptions;
+
     /**
      * Constructor
      *
      * @param Random $random Deprecated since 100.2.0
      * @param DeploymentConfig $deploymentConfig
      * @param ConfigDataFactory|null $configDataFactory
      * @param CryptKeyGeneratorInterface|null $cryptKeyGenerator
+     * @param DriverOptions|null $driverOptions
      */
     public function __construct(
         Random $random,
         DeploymentConfig $deploymentConfig,
         ConfigDataFactory $configDataFactory = null,
-        CryptKeyGeneratorInterface $cryptKeyGenerator = null
+        CryptKeyGeneratorInterface $cryptKeyGenerator = null,
+        DriverOptions $driverOptions = null
     ) {
         $this->random = $random;
         $this->deploymentConfig = $deploymentConfig;
         $this->configDataFactory = $configDataFactory ?? ObjectManager::getInstance()->get(ConfigDataFactory::class);
         $this->cryptKeyGenerator = $cryptKeyGenerator ?? ObjectManager::getInstance()->get(CryptKeyGenerator::class);
+        $this->driverOptions = $driverOptions ?? ObjectManager::getInstance()->get(DriverOptions::class);
     }
 
     /**
      * Creates encryption key config data
+     *
      * @param array $data
      * @return ConfigData
      */
@@ -179,6 +190,9 @@ public function createDbConfig(array $data)
             $configData->set($dbConnectionPrefix . ConfigOptionsListConstants::KEY_ACTIVE, '1');
         }
 
+        $driverOptions = $this->driverOptions->getDriverOptions($data);
+        $configData->set($dbConnectionPrefix . ConfigOptionsListConstants::KEY_DRIVER_OPTIONS, $driverOptions);
+
         return $configData;
     }
 

setup/src/Magento/Setup/Model/ConfigOptionsList.php

@@ -13,6 +13,7 @@
 use Magento\Framework\Setup\Option\FlagConfigOption;
 use Magento\Framework\Setup\Option\SelectConfigOption;
 use Magento\Framework\Setup\Option\TextConfigOption;
+use Magento\Setup\Model\ConfigOptionsList\DriverOptions;
 use Magento\Setup\Validator\DbValidator;
 
 /**
@@ -54,17 +55,24 @@ class ConfigOptionsList implements ConfigOptionsListInterface
         \Magento\Setup\Model\ConfigOptionsList\Lock::class,
     ];
 
+    /**
+     * @var DriverOptions
+     */
+    private $driverOptions;
+
     /**
      * Constructor
      *
      * @param ConfigGenerator $configGenerator
      * @param DbValidator $dbValidator
      * @param KeyValidator|null $encryptionKeyValidator
+     * @param DriverOptions|null $driverOptions
      */
     public function __construct(
         ConfigGenerator $configGenerator,
         DbValidator $dbValidator,
-        KeyValidator $encryptionKeyValidator = null
+        KeyValidator $encryptionKeyValidator = null,
+        DriverOptions $driverOptions = null
     ) {
         $this->configGenerator = $configGenerator;
         $this->dbValidator = $dbValidator;
@@ -73,11 +81,11 @@ public function __construct(
             $this->configOptionsCollection[] = $objectManager->get($className);
         }
         $this->encryptionKeyValidator = $encryptionKeyValidator ?: $objectManager->get(KeyValidator::class);
+        $this->driverOptions = $driverOptions ?? $objectManager->get(DriverOptions::class);
     }
 
     /**
      * @inheritdoc
-     *
      * @SuppressWarnings(PHPMD.ExcessiveMethodLength)
      */
     public function getOptions()
@@ -164,6 +172,36 @@ public function getOptions()
                 ConfigOptionsListConstants::CONFIG_PATH_CACHE_HOSTS,
                 'http Cache hosts'
             ),
+            new TextConfigOption(
+                ConfigOptionsListConstants::INPUT_KEY_DB_SSL_KEY,
+                TextConfigOption::FRONTEND_WIZARD_TEXT,
+                ConfigOptionsListConstants::CONFIG_PATH_DB_CONNECTION_DEFAULT_DRIVER_OPTIONS .
+                '/' . ConfigOptionsListConstants::KEY_MYSQL_SSL_KEY,
+                'Full path of client key file in order to establish db connection through SSL',
+                null
+            ),
+            new TextConfigOption(
+                ConfigOptionsListConstants::INPUT_KEY_DB_SSL_CERT,
+                TextConfigOption::FRONTEND_WIZARD_TEXT,
+                ConfigOptionsListConstants::CONFIG_PATH_DB_CONNECTION_DEFAULT_DRIVER_OPTIONS .
+                '/' . ConfigOptionsListConstants::KEY_MYSQL_SSL_CERT,
+                'Full path of client certificate file in order to establish db connection through SSL',
+                null
+            ),
+            new TextConfigOption(
+                ConfigOptionsListConstants::INPUT_KEY_DB_SSL_CA,
+                TextConfigOption::FRONTEND_WIZARD_TEXT,
+                ConfigOptionsListConstants::CONFIG_PATH_DB_CONNECTION_DEFAULT_DRIVER_OPTIONS .
+                '/' . ConfigOptionsListConstants::KEY_MYSQL_SSL_CA,
+                'Full path of server certificate file in order to establish db connection through SSL',
+                null
+            ),
+            new FlagConfigOption(
+                ConfigOptionsListConstants::INPUT_KEY_DB_SSL_VERIFY,
+                ConfigOptionsListConstants::CONFIG_PATH_DB_CONNECTION_DEFAULT_DRIVER_OPTIONS .
+                '/' . ConfigOptionsListConstants::KEY_MYSQL_SSL_VERIFY,
+                'Verify server certification'
+            ),
         ];
 
         foreach ($this->configOptionsCollection as $configOptionsList) {
@@ -349,12 +387,14 @@ private function validateDbSettings(array $options, DeploymentConfig $deployment
         ) {
             try {
                 $options = $this->getDbSettings($options, $deploymentConfig);
+                $driverOptions = $this->driverOptions->getDriverOptions($options);
 
-                $this->dbValidator->checkDatabaseConnection(
+                $this->dbValidator->checkDatabaseConnectionWithDriverOptions(
                     $options[ConfigOptionsListConstants::INPUT_KEY_DB_NAME],
                     $options[ConfigOptionsListConstants::INPUT_KEY_DB_HOST],
                     $options[ConfigOptionsListConstants::INPUT_KEY_DB_USER],
-                    $options[ConfigOptionsListConstants::INPUT_KEY_DB_PASSWORD]
+                    $options[ConfigOptionsListConstants::INPUT_KEY_DB_PASSWORD],
+                    $driverOptions
                 );
             } catch (\Exception $exception) {
                 $errors[] = $exception->getMessage();

setup/src/Magento/Setup/Model/ConfigOptionsList/DriverOptions.php

@@ -0,0 +1,72 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Setup\Model\ConfigOptionsList;
+
+use Magento\Framework\Config\ConfigOptionsListConstants;
+
+/**
+ * MySql driver options
+ */
+class DriverOptions
+{
+    /**
+     * Get driver options.
+     *
+     * @param array $options
+     * @return array
+     */
+    public function getDriverOptions(array $options): array
+    {
+        $driverOptionKeys = [
+            ConfigOptionsListConstants::KEY_MYSQL_SSL_KEY => ConfigOptionsListConstants::INPUT_KEY_DB_SSL_KEY,
+            ConfigOptionsListConstants::KEY_MYSQL_SSL_CERT => ConfigOptionsListConstants::INPUT_KEY_DB_SSL_CERT,
+            ConfigOptionsListConstants::KEY_MYSQL_SSL_CA => ConfigOptionsListConstants::INPUT_KEY_DB_SSL_CA,
+        ];
+        $booleanDriverOptionKeys = [
+            ConfigOptionsListConstants::KEY_MYSQL_SSL_VERIFY => ConfigOptionsListConstants::INPUT_KEY_DB_SSL_VERIFY,
+        ];
+        $driverOptions = [];
+        foreach ($driverOptionKeys as $configKey => $driverOptionKey) {
+            if ($this->optionExists($options, $driverOptionKey)) {
+                $driverOptions[$configKey] = $options[$driverOptionKey];
+            }
+        }
+        foreach ($booleanDriverOptionKeys as $configKey => $driverOptionKey) {
+            $driverOptions[$configKey] = $this->booleanValue($options, $driverOptionKey);
+        }
+
+        return $driverOptions;
+    }
+
+    /**
+     * Check if provided option exists.
+     *
+     * @param array $options
+     * @param string $driverOptionKey
+     * @return bool
+     */
+    private function optionExists(array $options, string $driverOptionKey): bool
+    {
+        return isset($options[$driverOptionKey])
+            && ($options[$driverOptionKey] === false || !empty($options[$driverOptionKey]));
+    }
+
+    /**
+     * Transforms checkbox flag value into boolean.
+     *
+     * @see https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/checkbox#value
+     *
+     * @param array $options
+     * @param string $driverOptionKey
+     * @return bool
+     */
+    private function booleanValue(array $options, string $driverOptionKey): bool
+    {
+        return isset($options[$driverOptionKey]) && (bool)$options[$driverOptionKey];
+    }
+}