Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
A security requirement for Classic developers requires a SSL and certificates to access remote mysql servers. D7 supports passing additional PDO options to database connections in settings.php. But, drush does not allow passing optional driver_options to PDO constructors.
Comment | File | Size | Author |
---|---|---|---|
#11 | drush-pdo-ssl-2009292-11.patch | 3.18 KB | JWSmith |
#10 | drush-pdo-ssl-2009292-10.patch | 3.83 KB | JWSmith |
#3 | drush-pdo-ssl-2009292-2.patch | 2.38 KB | JWSmith |
#1 | drush-pdo-ssl-2009292-1.patch | 2.37 KB | bdone |
Comments
Comment #1
bdone CreditAttribution: bdone commentedthis patch adds PDO SSL support
Comment #2
greg.1.anderson CreditAttribution: greg.1.anderson commentedSeems like a good idea overall, but I am unsure about this line:
Is there any way this could be made more cross-platform, e.g. so that it does not just silently fail on Windows?
Comment #3
JWSmith CreditAttribution: JWSmith commentedCorrecting patch. Missing parameter in mysql_connect command.
Also would like to add, that this works for SSL connections on Drupal 6.x as well, but needs the patch here (https://drupal.org/node/1438766#comment-7104986) applied to Drupal 6.x for everything to work correctly.
Comment #4
JWSmith CreditAttribution: JWSmith commentedThat command works in our environment, although it should probably configurable for the path. That portion is only used when dealing with Drupal 6.x.
The patch I linked to in Comment #3, could probably be worked into drush as well, which should make this more usable in a general nature.
https://drupal.org/node/1438766#comment-7104986
Comment #5
moshe weitzman CreditAttribution: moshe weitzman commentedNeeds work for the path. In general, I'm not feeling much need for this. Drush has been around for years and noone asked for it. That makes it a pretty far edge case.
Comment #6
deekayen CreditAttribution: deekayen commentedI know highlights magazine has needed various MySQL SSL support. I'll see if I can get Angela Gann or her minions to comment as well.
I agree, he patch probably goes nowhere until the my.cnf path is resolved.
Comment #7
moshe weitzman CreditAttribution: moshe weitzman commentedrelated - #671906: mysql credentials leak in drush sqlc
Comment #8
deekayen CreditAttribution: deekayen commentedI think the SSL reasoning for adding this support is misleading. There are a bunch of PDO options you could pass to the connection other than just SSL information. #1309278: Make PDO connection options configurable is one of the related Drupal core issues.
Comment #9
deekayen CreditAttribution: deekayen commentedhttps://gist.github.com/deekayen/5687918 is related, too, but for older Drupal. Just another approach at doing SSL to MySQL.
Comment #10
JWSmith CreditAttribution: JWSmith commentedI've attached a reworked patch that will pick up the path for the my.cnf file from the sites settings.php file.
I've submitted a patch for d6.x here - https://drupal.org/node/1438766. This patch would require the patch for D6.x to be applied, or accepted into D6.x core before it would be fully functional.
This patch also enables use of the pdo options array in Drupal 7.x core, which are not currently supported by Drush.
Patch was created against the latest 8.x-6.x-dev branch.
Comment #11
JWSmith CreditAttribution: JWSmith commentedAlthough the current 8.x-6.x (aka Drush 6.0-dev) branch includes minimal support for using PDO options out of the box on Drupal 6.x sites. The above patch will work with both Drupal 7.x and Drupal 6.x sites when using an SSL DB connection.
I've attached a new patch against the latest 8.x-6.x branch.
Edit: This would still need the patch linked to in comment #'s 3/4 to either be applied to Drupal 6.x or merged into D6.x core.
Comment #12
moshe weitzman CreditAttribution: moshe weitzman commentedthis needs more support before it will be considered further.
Comment #13
greg.1.anderson CreditAttribution: greg.1.anderson commentedThis issue was marked
closed (won't fix)
because Drush has moved to Github.If this feature is still desired, you may copy it to our Github project. For best results, create a Pull Request that has been updated for the master branch. Post a link here to the PR, and please also change the status of this issue to
closed (duplicate)
.Please ask support questions on Drupal Answers.
Comment #14
colanSee https://github.com/drush-ops/drush/issues/965.