-
Notifications
You must be signed in to change notification settings - Fork 127
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for using TLS with PostgreSQL (#260) #266
base: main
Are you sure you want to change the base?
Conversation
I think some of the CI plans checking fmt fail because openssl packages aren't installed in the base image. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think some of the CI plans checking fmt fail because openssl packages aren't installed in the base image.
I was a bit worried this might happen, and same might be true of other people already using the package elsewhere.
Might be preferable to explicitly enabled postgres tls as a feature then? What do you think?
Hi, and Thanks for this! Can we use the native-tls version instead?
let use_tls = match query_params | ||
.get("sslmode") | ||
.unwrap_or(&Cow::Borrowed("disable")) | ||
{ | ||
&Cow::Borrowed("disable") => Ok(false), | ||
&Cow::Borrowed("require") => Ok(true), | ||
_ => Err(()), | ||
} | ||
.map_err(|_| { | ||
Error::new( | ||
Kind::ConfigError("Invalid sslmode value, please use disable/require".into()), | ||
None, | ||
) | ||
})?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let use_tls = match query_params | |
.get("sslmode") | |
.unwrap_or(&Cow::Borrowed("disable")) | |
{ | |
&Cow::Borrowed("disable") => Ok(false), | |
&Cow::Borrowed("require") => Ok(true), | |
_ => Err(()), | |
} | |
.map_err(|_| { | |
Error::new( | |
Kind::ConfigError("Invalid sslmode value, please use disable/require".into()), | |
None, | |
) | |
})?; | |
let use_tls = match query_params | |
.get("sslmode") | |
.unwrap_or(&Cow::Borrowed("disable")) | |
{ | |
&Cow::Borrowed("disable") => false, | |
&Cow::Borrowed("require") => true, | |
_ => return Error::new( | |
Kind::ConfigError("Invalid sslmode value, please use disable/require".into()), | |
None, | |
), | |
}; |
@@ -451,6 +473,24 @@ mod tests { | |||
); | |||
} | |||
|
|||
#[test] | |||
fn build_no_tls_conn_from_str() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can we do it all on one test? both the use not use and the invalid value?
@mossbanay any chance you'll have time to finish this up? If not I'm happy to take a swing at it. |
@aig787 Sorry slipped through my inbox. By all means go for it! |
Any updates on this? |
Hi, I would like to use Refinery with a PostgreSQL database over TLS similar to (#260).
It looked like this wasn't too difficult to implement, and seems to work fine from my local testing.
I've added a
use_tls
option that can be supplied in the toml config, and it also supports the original request of parsing from the connection string (though only disable and require are supported).I don't often write Rust, let me know if you have any suggestions about this change.
Thanks