MCPcopy
hub / github.com/crowdsecurity/crowdsec / ConnectionString

Method ConnectionString

pkg/csconfig/database.go:132–219  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

130}
131
132func (d *DatabaseCfg) ConnectionString() (string, error) {
133 connString := ""
134
135 switch d.Type {
136 case "sqlite":
137 // this should make both sqlite3 and modernc/sqlite happy.
138 sqliteConnectionStringParameters := "_busy_timeout=100000&_fk=1&_pragma=foreign_keys(1)"
139 if d.UseWal != nil && *d.UseWal {
140 sqliteConnectionStringParameters += "&_journal_mode=WAL"
141 }
142
143 connString = fmt.Sprintf("file:%s?%s", d.DbPath, sqliteConnectionStringParameters)
144 case "mysql":
145 params := url.Values{}
146 params.Add("parseTime", "True")
147
148 tlsConfig := &tls.Config{}
149
150 // This is just to get an initial value, don't care about the error
151 systemRootCAs, _ := x509.SystemCertPool()
152 if systemRootCAs != nil {
153 tlsConfig.RootCAs = systemRootCAs
154 }
155
156 if d.isSocketConfig() {
157 connString = fmt.Sprintf("%s:%s@unix(%s)/%s", d.User, d.Password, d.DbPath, d.DbName)
158 } else {
159 connString = fmt.Sprintf("%s:%s@tcp(%s:%d)/%s", d.User, d.Password, d.Host, d.Port, d.DbName)
160 }
161
162 if d.SSLMode != "" {
163 // This will be overridden if a CA or client cert is provided
164 params.Set("tls", d.SSLMode)
165 }
166
167 if d.SSLCACert != "" {
168 caCert, err := os.ReadFile(d.SSLCACert)
169 if err != nil {
170 return "", fmt.Errorf("failed to read CA cert file %s: %w", d.SSLCACert, err)
171 }
172 if tlsConfig.RootCAs == nil {
173 tlsConfig.RootCAs = x509.NewCertPool()
174 }
175 if !tlsConfig.RootCAs.AppendCertsFromPEM(caCert) {
176 return "", fmt.Errorf("failed to append CA cert file %s: %w", d.SSLCACert, err)
177 }
178 params.Set("tls", "custom")
179 }
180
181 if d.SSLClientCert != "" && d.SSLClientKey != "" {
182 cert, err := tls.LoadX509KeyPair(d.SSLClientCert, d.SSLClientKey)
183 if err != nil {
184 return "", fmt.Errorf("failed to load client cert/key pair: %w", err)
185 }
186 tlsConfig.Certificates = []tls.Certificate{cert}
187 params.Set("tls", "custom")
188 }
189

Callers 1

NewClientFunction · 0.80

Calls 4

isSocketConfigMethod · 0.95
AddMethod · 0.45
SetMethod · 0.45
GetMethod · 0.45

Tested by

no test coverage detected