[wp-trac] [WordPress Trac] #24816: Add support for secure DB connections to PDO / mysqli
WordPress Trac
noreply at wordpress.org
Mon Jul 22 14:04:08 UTC 2013
#24816: Add support for secure DB connections to PDO / mysqli
----------------------------+--------------------------------------
Reporter: hypertextranch | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Database | Version:
Severity: normal | Keywords: needs-patch dev-feedback
----------------------------+--------------------------------------
With the advent of database as a service cloud providers like Amazon RDS,
ClearDB, etc. it would be good to have the option of connecting to MySQL
over SSL so database credentials are not sent in clear text over the
internet.
SSL support for mysql_connect was added in #19324 however with the
impending update (in 3.6?) to PDO / mysql_* for database connections
#21663 we will no longer have this option. (By the way I'm not sure the
`MYSQL_CLIENT_SSL` flag in `mysql_connect()` ever worked as there's
nowhere to specify CA/key/cert file paths)
I propose we patch #21663 to construct SSL enabled DB connections with
`mysqli::ssl_set()` and PDO driver options flags when all of the following
constants are defined:
* `DB_SSL_KEY`
* `DB_SSL_CERT`
* `DB_SSL_CA`
References:
http://www.php.net/manual/en/mysqli.ssl-set.php
http://php.net/manual/en/ref.pdo-mysql.php
--
Ticket URL: <http://core.trac.wordpress.org/ticket/24816>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list