my $class = shift;
if (!$class->request_cache->{dbh_shadow}) {
- if ($class->params->{'shadowdb'}) {
+ if ($class->localconfig->{db_shadow}{db_name}) {
$class->request_cache->{dbh_shadow} = Bugzilla::DB::connect_shadow();
} else {
$class->request_cache->{dbh_shadow} = $class->dbh_main;
# If we are behind a reverse proxy, we need to determine the original
# URL, else the comparison with the attachment_base URL will fail.
- if (Bugzilla->params->{'inbound_proxies'}) {
+ if (Bugzilla->localconfig->{'inbound_proxies'}) {
# X-Forwarded-Proto is defined in RFC 7239.
my $protocol = $ENV{HTTP_X_FORWARDED_PROTO} || $self->protocol;
my $host = $self->virtual_host;
my $entry = $params{$name};
# sanity check the value
-
- # XXX - This runs the checks. Which would be good, except that
- # check_shadowdb creates the database as a side effect, and so the
- # checker fails the second time around...
- if ($name ne 'shadowdb' && exists $entry->{'checker'}) {
+ if (exists $entry->{'checker'}) {
my $err = $entry->{'checker'}->($value, $entry);
die "Param $name is not valid: $err" unless $err eq '';
}
our $sortkey = 1700;
use constant get_param_list => (
- {
- name => 'inbound_proxies',
- type => 't',
- default => '',
- checker => \&check_inbound_proxies
- },
-
{
name => 'proxy_url',
type => 't',
},
);
-sub check_inbound_proxies {
- my $inbound_proxies = shift;
-
- return "" if $inbound_proxies eq "*";
- my @proxies = split(/[\s,]+/, $inbound_proxies);
- foreach my $proxy (@proxies) {
- validate_ip($proxy) || return "$proxy is not a valid IPv4 or IPv6 address";
- }
- return "";
-}
-
1;
@Bugzilla::Config::Common::EXPORT =
qw(check_multi check_numeric check_regexp check_group
check_sslbase check_priority check_severity check_platform
- check_opsys check_shadowdb check_urlbase check_user_verify_class
+ check_opsys check_urlbase check_user_verify_class
check_ip check_mail_delivery_method check_notification
check_bug_status check_smtp_auth check_theschwartz_available
check_maxattachmentsize check_email check_smtp_ssl
return "";
}
-sub check_shadowdb {
- my ($value) = (@_);
- $value = trim($value);
- if ($value eq "") {
- return "";
- }
-
- if (!Bugzilla->params->{'shadowdbhost'}) {
- return "You need to specify a host when using a shadow database";
- }
-
- # Can't test existence of this because ConnectToDatabase uses the param,
- # but we can't set this before testing....
- # This can really only be fixed after we can use the DBI more openly
- return "";
-}
-
sub check_urlbase {
my ($url) = (@_);
if ($url && $url !~ m:^http.*/$:) {
sub check_user_verify_class {
# doeditparams traverses the list of params, and for each one it checks,
- # then updates. This means that if one param checker wants to look at
- # other params, it must be below that other one. So you can't have two
+ # then updates. This means that if one param checker wants to look at
+ # other params, it must be below that other one. So you can't have two
# params mutually dependent on each other.
# This means that if someone clears the LDAP config params after setting
# the login method as LDAP, we won't notice, but all logins will fail.
return "LDAP support is not available. Run checksetup.pl"
. " for more details";
}
- return "LDAP servername (LDAPserver) is missing"
+ return "LDAP servername (LDAPserver) is missing"
if !$params->{"LDAPserver"};
return "LDAPBaseDN is empty" if !$params->{"LDAPBaseDN"};
}
=item check_resolution
-=item check_shadowdb
-
=item check_smtp_server
=item check_smtp_auth
+++ /dev/null
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-# This Source Code Form is "Incompatible With Secondary Licenses", as
-# defined by the Mozilla Public License, v. 2.0.
-
-package Bugzilla::Config::Memcached;
-
-use 5.14.0;
-use strict;
-use warnings;
-
-use Bugzilla::Config::Common;
-
-our $sortkey = 1550;
-
-sub get_param_list {
- return (
- {
- name => 'memcached_servers',
- type => 't',
- default => ''
- },
- {
- name => 'memcached_namespace',
- type => 't',
- default => 'bugzilla:',
- },
- );
-}
-
-1;
+++ /dev/null
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-# This Source Code Form is "Incompatible With Secondary Licenses", as
-# defined by the Mozilla Public License, v. 2.0.
-
-package Bugzilla::Config::ShadowDB;
-
-use 5.14.0;
-use strict;
-use warnings;
-
-use Bugzilla::Config::Common;
-
-our $sortkey = 1500;
-
-sub get_param_list {
- my $class = shift;
- my @param_list = (
- {
- name => 'shadowdbhost',
- type => 't',
- default => '',
- },
-
- {
- name => 'shadowdbport',
- type => 't',
- default => '3306',
- checker => \&check_numeric,
- },
-
- {
- name => 'shadowdbsock',
- type => 't',
- default => '',
- },
-
- # This entry must be _after_ the shadowdb{host,port,sock} settings so that
- # they can be used in the validation here
- {
- name => 'shadowdb',
- type => 't',
- default => '',
- checker => \&check_shadowdb
- } );
- return @param_list;
-}
-
-1;
#####################################################################
sub connect_shadow {
- my $params = Bugzilla->params;
- die "Tried to connect to non-existent shadowdb"
- unless $params->{'shadowdb'};
+ my $localconfig = Bugzilla->localconfig;
+ die "Tried to connect to non-existent shadowdb"
+ unless $localconfig->{db_shadow}{db_name};
# Instead of just passing in a new hashref, we locally modify the
# values of "localconfig", because some drivers access it while
# connecting.
- my %connect_params = %{ Bugzilla->localconfig };
- $connect_params{db_host} = $params->{'shadowdbhost'};
- $connect_params{db_name} = $params->{'shadowdb'};
- $connect_params{db_port} = $params->{'shadowdbport'};
- $connect_params{db_sock} = $params->{'shadowdbsock'};
+ my %connect_params = %{ $localconfig };
+ for my $key (qw(db_host db_name db_port db_sock)) {
+ $connect_params{$key} = $localconfig->{db_shadow}{$key};
+ }
return _connect(\%connect_params);
}
sub connect_main {
- return _connect(Bugzilla->localconfig);
+ return _connect(Bugzilla->localconfig);
}
sub _connect {
name => 'db_mysql_ssl_client_key',
default => '',
},
+ {
+ name => 'db_shadow',
+ default => sub {
+ return {
+ db_name => migrate_data_param('shadowdb'),
+ db_host => migrate_data_param('shadowdbhost'),
+ db_port => migrate_data_param('shadowdbport'),
+ db_sock => migrate_data_param('shadowdbsock'),
+ }
+ }
+ },
{
name => 'index_html',
default => 0,
name => 'apache_size_limit',
default => 250000,
},
+ {
+ name => 'inbound_proxies',
+ default => sub { migrate_data_param('inbound_proxies') // '' },
+ },
+ {
+ name => 'proxy_url',
+ default => sub { migrate_data_param('proxy_url') // '' },
+ },
+ {
+ name => 'memcached_servers',
+ default => sub { migrate_data_param('memcached_servers') // '' },
+ },
+ {
+ name => 'memcached_namespace',
+ default => sub { migrate_data_param('memcached_namespace') // 'bugzilla:' },
+ }
);
+sub migrate_data_param {
+ my ($name) = @_;
+ state $params = Bugzilla::Config::read_param_file();
+ return $params->{$name};
+}
sub read_localconfig {
my ($include_deprecated) = @_;
# always return an object to simplify calling code when memcached is
# disabled.
if (Bugzilla->feature('memcached')
- && Bugzilla->params->{memcached_servers})
+ && Bugzilla->localconfig->{memcached_servers})
{
require Cache::Memcached::Fast;
- $self->{namespace} = Bugzilla->params->{memcached_namespace} || '';
+ $self->{namespace} = Bugzilla->localconfig->{memcached_namespace} || '';
$self->{memcached} =
Cache::Memcached::Fast->new({
- servers => [ split(/[, ]+/, Bugzilla->params->{memcached_servers}) ],
+ servers => [ split(/[, ]+/, Bugzilla->localconfig->{memcached_servers}) ],
namespace => $self->{namespace},
});
}
return if !Bugzilla->params->{'sslbase'};
# If we're already running under SSL, never redirect.
- if (Bugzilla->params->{'inbound_proxies'}
+ if (Bugzilla->localconfig->{'inbound_proxies'}
&& uc($ENV{HTTP_X_FORWARDED_PROTO} || '') eq 'HTTPS') {
return;
}
return $sslbase;
}
# Return what the user currently uses.
- elsif (Bugzilla->params->{'inbound_proxies'}) {
+ elsif (Bugzilla->localconfig->{'inbound_proxies'}) {
return (uc($ENV{HTTP_X_FORWARDED_PROTO} || '') eq 'HTTPS') ? $sslbase : $urlbase;
}
else {
# Returns the real remote address of the client,
sub remote_ip {
my $remote_ip = $ENV{'REMOTE_ADDR'} || '127.0.0.1';
- my @proxies = split(/[\s,]+/, Bugzilla->params->{inbound_proxies});
+ my @proxies = split(/[\s,]+/, Bugzilla->localconfig->{inbound_proxies});
my @x_forwarded_for = split(/[\s,]+/, $ENV{HTTP_X_FORWARDED_FOR} // '');
return $remote_ip unless @x_forwarded_for;
use Bugzilla;
use Bugzilla::Util qw(remote_ip);
-my $params = Bugzilla->params;
+my $localconfig = Bugzilla->localconfig;
{
- local $params->{inbound_proxies} = '10.0.0.1,10.0.0.2';
+ local $localconfig->{inbound_proxies} = '10.0.0.1,10.0.0.2';
local $ENV{REMOTE_ADDR} = '10.0.0.2';
local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42';
}
{
- local $params->{inbound_proxies} = '10.0.0.1,10.0.0.2';
+ local $localconfig->{inbound_proxies} = '10.0.0.1,10.0.0.2';
local $ENV{REMOTE_ADDR} = '10.0.0.1';
local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42';
}
{
- local $params->{inbound_proxies} = '10.0.0.1,10.0.0.2';
+ local $localconfig->{inbound_proxies} = '10.0.0.1,10.0.0.2';
local $ENV{REMOTE_ADDR} = '10.0.0.3';
local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42';
}
{
- local $params->{inbound_proxies} = '*';
+ local $localconfig->{inbound_proxies} = '*';
local $ENV{REMOTE_ADDR} = '10.0.0.3';
local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42,1.4.9.2';
}
{
- local $params->{inbound_proxies} = '';
+ local $localconfig->{inbound_proxies} = '';
local $ENV{REMOTE_ADDR} = '10.9.8.7';
local $ENV{HTTP_X_FORWARDED_FOR} = '10.42.42.42,1.4.9.2';
{
- local $params->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998';
+ local $localconfig->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998';
local $ENV{REMOTE_ADDR} = '2600:cafe::cafe:ffff:bf42:4998';
local $ENV{HTTP_X_FORWARDED_FOR} = '2600:cafe::cafe:ffff:bf42:BEEF';
}
{
- local $params->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998';
+ local $localconfig->{inbound_proxies} = '10.0.0.1,2600:cafe::cafe:ffff:bf42:4998';
local $ENV{REMOTE_ADDR} = '2600:cafe::cafe:ffff:bf42:DEAD';
local $ENV{HTTP_X_FORWARDED_FOR} = '2600:cafe::cafe:ffff:bf42:BEEF';
{
- local $params->{inbound_proxies} = '*';
+ local $localconfig->{inbound_proxies} = '*';
local $ENV{REMOTE_ADDR} = '2600:cafe::cafe:ffff:bf42:DEAD';
local $ENV{HTTP_X_FORWARDED_FOR} = '';
[% END %]
[% param_descs = {
- inbound_proxies =>
- "When inbound traffic to Bugzilla goes through a proxy,"
- _ " Bugzilla thinks that the IP address of every single"
- _ " user is the IP address of the proxy. If you enter a comma-separated"
- _ " list of IPs in this parameter, then Bugzilla will trust any"
- _ " <code>X-Forwarded-For</code> header sent from those IPs,"
- _ " and use the value of that header as the end user's IP address."
- _ " If set to a *, $terms.Bugzilla will trust the first value in the "
- _ " X-Forwarded-For header.",
-
- proxy_url =>
- "Bugzilla may have to access the web to get notifications about"
- _ " new releases (see the <var>upgrade_notification</var> parameter)."
- _ " If your Bugzilla server is behind a proxy, it may be"
- _ " necessary to enter its URL if the web server cannot access the"
- _ " HTTP_PROXY environment variable. If you have to authenticate,"
- _ " use the <code>http://user:pass@proxy_url/</code> syntax.",
-
strict_transport_security => sts_desc,
} %]
+++ /dev/null
-[%# This Source Code Form is subject to the terms of the Mozilla Public
- # License, v. 2.0. If a copy of the MPL was not distributed with this
- # file, You can obtain one at http://mozilla.org/MPL/2.0/.
- #
- # This Source Code Form is "Incompatible With Secondary Licenses", as
- # defined by the Mozilla Public License, v. 2.0.
- #%]
-[%
- title = "Memcached"
- desc = "Set up Memcached integration"
-%]
-
-[% param_descs = {
- memcached_servers =>
- "If this option is set, Bugzilla will integrate with Memcached. " _
- "Specify one or more servers, separated by spaces, using hostname:port " _
- "notation (for example: 127.0.0.1:11211).",
-
- memcached_namespace =>
- "Specify a string to prefix to each key on Memcached.",
- }
-%]
localconfig_db_mysql_ssl_client_key => <<'END',
Full path to the private key corresponding to the client SSL certificate.
The file must not be password-protected and must be readable by web server user.
+END
+ localconfig_db_shadow => <<'END',
+This is optional hack to increase database performance. If you have a read-only database
+that is faster to connect to (such as a db slave) you can list its connection details
+here. Note you cannot change the db_driver.
END
localconfig_diffpath => <<'END',
For the "Difference Between Two Patches" feature to work, we need to know
characters in the Basic Multilingual Plane. If you leave this parameter empty,
a default font will be used, but its support is limited to English characters
only and so other characters will be displayed incorrectly.
+END
+ localconfig_inbound_proxies => <<'END',
+When inbound traffic to Bugzilla goes through a proxy,
+Bugzilla thinks that the IP address of every single user is the IP address of the proxy.
+If you enter a comma-separated list of IPs in this parameter, then Bugzilla will trust any
+X-Forwarded-For header sent from those IPs, and use the value of that header as the end
+user's IP address.
+If set to a *, Bugzilla will trust the first value in the X-Forwarded-For header.
END
localconfig_index_html => <<'END',
Most web servers will allow you to use index.cgi as a directory
If you want to use the "Difference Between Two Patches" feature of the
Patch Viewer, please specify the full path to the "interdiff" executable
here.
+END
+ localconfig_memcached_namespace => <<'END',
+Specify a string to prefix to each key on Memcached.
+END
+ localconfig_memcached_servers => <<'END',
+If this option is set, Bugzilla will integrate with Memcached.
+Specify one or more servers, separated by spaces, using hostname:port
+notation (for example: 127.0.0.1:11211).
+END
+ localconfig_proxy_url => <<'END',
+If your Bugzilla server is behind a proxy, it may be necessary to enter its URL
+If you have to authenticate use http://user:pass@proxy_url/ syntax
END
localconfig_site_wide_secret => <<'END',
This secret key is used by your installation for the creation and
projects / thirdparty / bugzilla.git / commitdiff
