From c57e440b9c786f69e50b823a79686d7b92ca18b6 Mon Sep 17 00:00:00 2001
From: Dirk Merkel <dirk@proper.io>
Date: Thu, 23 Apr 2020 11:45:56 -0700
Subject: [PATCH] Worked out the kinks.

---
 Migrate/Command/AbstractEnvCommand.php | 41 +++++++++++++-------------
 Migrate/Command/AddEnvCommand.php      | 33 ++++++++-------------
 templates/env.json.tpl                 |  7 ++---
 templates/env.php.tpl                  |  7 ++---
 templates/env.yml.tpl                  |  7 ++---
 5 files changed, 42 insertions(+), 53 deletions(-)

diff --git a/Migrate/Command/AbstractEnvCommand.php b/Migrate/Command/AbstractEnvCommand.php
index 1597a46..71db6ed 100644
--- a/Migrate/Command/AbstractEnvCommand.php
+++ b/Migrate/Command/AbstractEnvCommand.php
@@ -79,13 +79,12 @@ protected function init(InputInterface $input, OutputInterface $output, $env = n
         $username = ArrayUtil::get($conf['connection'], 'username');
         $password = ArrayUtil::get($conf['connection'], 'password');
         $charset = ArrayUtil::get($conf['connection'], 'charset');
-		$sslCert = ArrayUtil::get($conf['connection'], 'cert');
-		$sslCertVerify = ArrayUtil::get($conf['connection'], 'cert-verify') || false;
-		$sslKey = ArrayUtil::get($conf['connection'], 'ssl-key');
-		$sslSecret = ArrayUtil::get($conf['connection'], 'ssl-secret');
+        $sslCaCert = ArrayUtil::get($conf['connection'], 'ssl-ca-cert');
+        $sslCert = ArrayUtil::get($conf['connection'], 'ssl-cert');
+        $sslKey = ArrayUtil::get($conf['connection'], 'ssl-key');
 
         $uri = $driver;
-		$opt = array();
+        $opt = array();
 
         if ($driver == 'sqlite') {
             $uri .= ":$dbname";
@@ -95,27 +94,27 @@ protected function init(InputInterface $input, OutputInterface $output, $env = n
             $uri .= ($port === null) ? '' : ";port=$port";
             $uri .= ($charset === null) ? '' : ";charset=$charset";
 
-			// add an ssl cert
-			if (!empty($sslCert)) {
-				$opt['PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT'] => "'" . $sslCert . "'";
-				$opt['PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT'] => "'" . $sslCertVerify . "'";
-			}
-
-			// add ssl an key
-			if (!empty($sslKey)) {
-				$opt['PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT'] => "'" . $sslKey . "'";
-			}
-
-			// add ssl an secret
-			if (!empty($sslSecret)) {
-				$opt['PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT'] => "'" . $sslSecret . "'";
-			}
+            // add an ssl ca cert
+            if (!empty($sslCaCert)) {
+                $opt[\PDO::MYSQL_ATTR_SSL_CA] = $sslCaCert;
+            }
+
+            // add an ssl cert
+            if (!empty($sslCert)) {
+                $opt[\PDO::MYSQL_ATTR_SSL_CERT] = $sslCert;
+            }
+
+            // add an ssl key
+            if (!empty($sslKey)) {
+                $opt[\PDO::MYSQL_ATTR_SSL_KEY] = $sslKey;
+            }
         }
+
         $this->db = new \PDO(
             $uri,
             $username,
             $password,
-            array()
+            $opt
         );
 
         $output->writeln('<info>connected</info>');
diff --git a/Migrate/Command/AddEnvCommand.php b/Migrate/Command/AddEnvCommand.php
index 5f69a1b..d0cfc65 100644
--- a/Migrate/Command/AddEnvCommand.php
+++ b/Migrate/Command/AddEnvCommand.php
@@ -101,30 +101,24 @@ protected function execute(InputInterface $input, OutputInterface $output)
         );
         $defaultEditor = $questions->ask($input, $output, $defaultEditorQuestion);
 
-		$sslCertQuestion = new Question(
-            "Please enter the path and name of the SSL certificate to use (if any): ",
+        $sslCaCertQuestion = new Question(
+            "Please enter the path and name of the SSL certificate authority certificate to use (if any): ",
             "vim"
         );
-        $sslCert = $questions->ask($input, $output, $sslCertQuestion);
+        $sslCaCert = $questions->ask($input, $output, $sslCaCertQuestion);
 
-		$sslCertVerifyQuestion = new Question(
-            "Please enter whether to verify the SSL certificate <info>(default false)</info>: ",
-            "vim"
+        $sslCertQuestion = new Question(
+            "Please enter the path and name of the SSL certificate to use (if any): ",
+            ""
         );
-        $sslCertVerify = $questions->ask($input, $output, $sslCertVerifyQuestion);
+        $sslCert = $questions->ask($input, $output, $sslCertQuestion);
 
-		$sslKeyQuestion = new Question(
-            "Please enter the text editor to use by default <info>(default vim)</info>: ",
-            "vim"
+        $sslKeyQuestion = new Question(
+            "Please enter the path and name of the SSL certificate key to use (if any): ",
+            ""
         );
         $sslKey = $questions->ask($input, $output, $sslKeyQuestion);
 
-		$sslSecretQuestion = new Question(
-            "Please enter the text editor to use by default <info>(default vim)</info>: ",
-            "vim"
-        );
-        $sslSecret = $questions->ask($input, $output, $sslSecretQuestion);
-
         $confTemplate = file_get_contents(__DIR__ . '/../../templates/env.' . $format . '.tpl');
         $confTemplate = str_replace('{DRIVER}', $driver, $confTemplate);
         $confTemplate = str_replace('{HOST}', $dbHost, $confTemplate);
@@ -135,10 +129,9 @@ protected function execute(InputInterface $input, OutputInterface $output)
         $confTemplate = str_replace('{CHARSET}', $dbCharset, $confTemplate);
         $confTemplate = str_replace('{CHANGELOG}', $changelogTable, $confTemplate);
         $confTemplate = str_replace('{EDITOR}', $defaultEditor, $confTemplate);
-		$confTemplate = str_replace('{SSLCERT}', $sslCert, $confTemplate);
-		$confTemplate = str_replace('{SSLCERTVERIFY}', $sslCertVerify, $confTemplate);
-		$confTemplate = str_replace('{SSLKEY}', $sslKey, $confTemplate);
-		$confTemplate = str_replace('{SSLSECRET}', $sslSecret, $confTemplate);
+        $confTemplate = str_replace('{SSLCACERT}', $sslCaCert, $confTemplate);
+        $confTemplate = str_replace('{SSLCERT}', $sslCert, $confTemplate);
+        $confTemplate = str_replace('{SSLKEY}', $sslKey, $confTemplate);
 
         file_put_contents($envConfigFile, $confTemplate);
     }
diff --git a/templates/env.json.tpl b/templates/env.json.tpl
index b47f223..cbced5d 100644
--- a/templates/env.json.tpl
+++ b/templates/env.json.tpl
@@ -6,10 +6,9 @@
         "username": "{USERNAME}",
         "password": "{PASSWORD}",
         "database": "{DATABASE}",
-		"ssl-cert": "{SSLCERT}",
-		"ssl-cert-verify": "{SSLCERTVERIFY}",
-		"ssl-key": "{SSLKEY}",
-		"ssl-secret": "{SSLSECRET}",
+        "ssl-ca-cert": "{SSLCACERT}",
+        "ssl-cert": "{SSLCERT}",
+        "ssl-key": "{SSLKEY}",
     },
     "changelog": "{CHANGELOG}",
     "default_editor": "{EDITOR}"
diff --git a/templates/env.php.tpl b/templates/env.php.tpl
index a8befb1..f7761b6 100644
--- a/templates/env.php.tpl
+++ b/templates/env.php.tpl
@@ -8,10 +8,9 @@ return [
         "username" => "{USERNAME}",
         "password" => "{PASSWORD}",
         "database" => "{DATABASE}",
-		"ssl-cert" => "{SSLCERT}",
-		"ssl-cert-verify" => "{SSLCERTVERIFY}",
-		"ssl-key" => "{SSLKEY}",
-		"ssl-secret" => "{SSLSECRET}",
+        "ssl-ca-cert" => "{SSLCACERT}",
+        "ssl-cert" => "{SSLCERT}",
+        "ssl-key" => "{SSLKEY}",
     ],
     "changelog" => "{CHANGELOG}",
     "default_editor" => "{EDITOR}"
diff --git a/templates/env.yml.tpl b/templates/env.yml.tpl
index 8171c23..69a727a 100644
--- a/templates/env.yml.tpl
+++ b/templates/env.yml.tpl
@@ -6,10 +6,9 @@ connection:
     password:   {PASSWORD}
     database:   {DATABASE}
     charset:    {CHARSET}
-	ssl-cert:   {SSLCERT}
-	ssl-cert:   {SSLCERTVERIFY}
-	ssl-key:    {SSLKEY}
-	ssl-secret: {SSLSECRET}
+    ssl-ca-cert: {SSLCACERT}
+    ssl-cert:   {SSLCERT}
+    ssl-key:    {SSLKEY}
 
 changelog: {CHANGELOG}
 default_editor: {EDITOR}