feat: 远程数据库增加是否开启 CA 验证选项 (#3232)

2023-12-08 17:26:07 +08:00 · 2023-12-08 17:26:07 +08:00 · 3f8abf8ad8
parent d4def44545
commit 3f8abf8ad8
7 changed files with 27 additions and 12 deletions
--- a/backend/utils/mysql/client/info.go
+++ b/backend/utils/mysql/client/info.go
@ -149,8 +149,10 @@ func ConnWithSSL(ssl, skipVerify bool, clientKey, clientCert, rootCert string) (
 		return "", nil
 	}
 	pool := x509.NewCertPool()
-	if ok := pool.AppendCertsFromPEM([]byte(rootCert)); !ok {
-		return "", errors.New("unable to append root cert to pool")
+	if len(rootCert) != 0 {
+		if ok := pool.AppendCertsFromPEM([]byte(rootCert)); !ok {
+			return "", errors.New("unable to append root cert to pool")
+		}
 	}
 	cert, err := tls.X509KeyPair([]byte(clientCert), []byte(clientKey))
 	if err != nil {
--- a/frontend/src/api/interface/database.ts
+++ b/frontend/src/api/interface/database.ts
@ -215,6 +215,7 @@ export namespace Database {
        password: string;

        ssl: boolean;
+        hasCA: boolean;
        rootCert: string;
        clientKey: string;
        clientCert: string;
--- a/frontend/src/lang/modules/en.ts
+++ b/frontend/src/lang/modules/en.ts
@ -396,6 +396,7 @@ const message = {
        clientKey: 'Client Private Key',
        clientCert: 'Client Certificate',
        caCert: 'CA Certificate',
+        hasCA: 'Has CA Certificate',
        skipVerify: 'Ignore Certificate Validity Check',

        formatHelper:
--- a/frontend/src/lang/modules/tw.ts
+++ b/frontend/src/lang/modules/tw.ts
@ -388,6 +388,7 @@ const message = {
        clientKey: '客户端私钥',
        clientCert: '客户端证书',
        caCert: 'CA 证书',
+        hasCA: '擁有 CA 證書',
        skipVerify: '忽略校验证书可用性检测',

        formatHelper: '當前資料庫字符集為 {0}，字符集不一致可能導致恢復失敗',
--- a/frontend/src/lang/modules/zh.ts
+++ b/frontend/src/lang/modules/zh.ts
@ -387,6 +387,7 @@ const message = {
        ssl: '使用 SSL',
        clientKey: '客户端私钥',
        clientCert: '客户端证书',
+        hasCA: '拥有 CA 证书',
        caCert: 'CA 证书',
        skipVerify: '忽略校验证书可用性检测',

--- a/frontend/src/views/container/container/operate/index.vue
+++ b/frontend/src/views/container/container/operate/index.vue
@ -184,9 +184,9 @@
                            {{ $t('container.autoRemove') }}
                        </el-checkbox>
                    </el-form-item>
-                    <el-form-item :label="$t('container.privileged')">
+                    <el-form-item>
                        <el-checkbox v-model="dialogData.rowData!.privileged">
-                            {{ $t('commons.button.start') }}
+                            {{ $t('container.privileged') }}
                        </el-checkbox>
                        <span class="input-help">{{ $t('container.privilegedHelper') }}</span>
                    </el-form-item>
--- a/frontend/src/views/database/mysql/remote/operate/index.vue
+++ b/frontend/src/views/database/mysql/remote/operate/index.vue
@ -62,6 +62,20 @@
                        />
                    </el-form-item>
                    <div v-if="dialogData.rowData!.ssl">
+                        <el-form-item>
+                            <el-checkbox
+                                @change="isOK = false"
+                                v-model="dialogData.rowData!.hasCA"
+                                :label="$t('database.hasCA')"
+                            />
+                        </el-form-item>
+                        <el-form-item>
+                            <el-checkbox
+                                @change="isOK = false"
+                                v-model="dialogData.rowData!.skipVerify"
+                                :label="$t('database.skipVerify')"
+                            />
+                        </el-form-item>
                        <el-form-item :label="$t('database.clientKey')" prop="clientKey">
                            <el-input
                                type="textarea"
@ -78,7 +92,7 @@
                                v-model="dialogData.rowData!.clientCert"
                            />
                        </el-form-item>
-                        <el-form-item :label="$t('database.caCert')" prop="rootCert">
+                        <el-form-item v-if="dialogData.rowData!.hasCA" :label="$t('database.caCert')" prop="rootCert">
                            <el-input
                                type="textarea"
                                @change="isOK = false"
@ -86,13 +100,6 @@
                                v-model="dialogData.rowData!.rootCert"
                            />
                        </el-form-item>
-                        <el-form-item>
-                            <el-checkbox
-                                @change="isOK = false"
-                                v-model="dialogData.rowData!.skipVerify"
-                                :label="$t('database.skipVerify')"
-                            />
-                        </el-form-item>
                    </div>
                    <el-form-item :label="$t('commons.table.description')" prop="description">
                        <el-input clearable v-model.trim="dialogData.rowData!.description" />
@ -151,6 +158,7 @@ const acceptParams = (params: DialogProps): void => {
    if (dialogData.value.rowData.version.startsWith('10.')) {
        dialogData.value.rowData.version = '10.x';
    }
+    dialogData.value.rowData.hasCA = dialogData.value.rowData.rootCert?.length === 0;
    title.value = i18n.global.t('database.' + dialogData.value.title + 'RemoteDB');
    drawerVisible.value = true;
 };
@ -188,6 +196,7 @@ const onSubmit = async (formEl: FormInstance | undefined, operation: string) =>
        if (!valid) return;
        dialogData.value.rowData.from = 'remote';
        loading.value = true;
+        dialogData.value.rowData.rootCert = dialogData.value.rowData.hasCA ? dialogData.value.rowData.rootCert : '';
        if (operation === 'check') {
            await checkDatabase(dialogData.value.rowData)
                .then((res) => {