Merge pull request #225 from jpechane/ssl-factory-only

[DBZ-244] Allow unvalidated SSL connections
debezium · May 10, 2017 · e365fc2 · e365fc2
2 parents 1cd6728 + e8fc6d1
commit e365fc2
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/...ctor-postgres/src/main/java/io/debezium/connector/postgresql/PostgresConnectorConfig.java b/...ctor-postgres/src/main/java/io/debezium/connector/postgresql/PostgresConnectorConfig.java
@@ -440,6 +440,12 @@ public static TopicSelectionStrategy parse(String value) {
                                                    .withImportance(Importance.MEDIUM)
                                                    .withDescription("File containing the root certificate(s) against which the server is validated. See the Postgres JDBC SSL docs for further information");
 
+    public static final Field SSL_SOCKET_FACTORY = Field.create(DATABASE_CONFIG_PREFIX + "sslfactory")
+                                                        .withDisplayName("SSL Root Certificate")
+                                                        .withType(Type.STRING)
+                                                        .withWidth(Width.LONG)
+                                                        .withImportance(Importance.MEDIUM)
+                                                        .withDescription("A name of class to that creates SSL Sockets. Use org.postgresql.ssl.NonValidatingFactory to disable SSL validation in development environments");
 
     /**
      * A comma-separated list of regular expressions that match schema names to be monitored.
@@ -560,7 +566,7 @@ public static TopicSelectionStrategy parse(String value) {
                                                      COLUMN_BLACKLIST, SNAPSHOT_MODE, 
                                                      TIME_PRECISION_MODE,
                                                      SSL_MODE, SSL_CLIENT_CERT, SSL_CLIENT_KEY_PASSWORD,
-                                                     SSL_ROOT_CERT, SSL_CLIENT_KEY, SNAPSHOT_LOCK_TIMEOUT_MS, ROWS_FETCH_SIZE);
+                                                     SSL_ROOT_CERT, SSL_CLIENT_KEY, SNAPSHOT_LOCK_TIMEOUT_MS, ROWS_FETCH_SIZE, SSL_SOCKET_FACTORY);
 
     private final Configuration config;
     private final String serverName;
@@ -685,7 +691,7 @@ protected static ConfigDef configDef() {
         ConfigDef config = new ConfigDef();
         Field.group(config, "Postgres", SLOT_NAME, PLUGIN_NAME, SERVER_NAME, DATABASE_NAME, HOSTNAME, PORT,
                     USER, PASSWORD, SSL_MODE, SSL_CLIENT_CERT, SSL_CLIENT_KEY_PASSWORD, SSL_ROOT_CERT, SSL_CLIENT_KEY,
-                    DROP_SLOT_ON_STOP);
+                    DROP_SLOT_ON_STOP, SSL_SOCKET_FACTORY);
         Field.group(config, "Events", SCHEMA_WHITELIST, SCHEMA_BLACKLIST, TABLE_WHITELIST, TABLE_BLACKLIST, 
                     COLUMN_BLACKLIST);
         Field.group(config, "Connector", TOPIC_SELECTION_STRATEGY, POLL_INTERVAL_MS, MAX_BATCH_SIZE, MAX_QUEUE_SIZE, 

diff --git a/...onnector-postgres/src/test/java/io/debezium/connector/postgresql/PostgresConnectorIT.java b/...onnector-postgres/src/test/java/io/debezium/connector/postgresql/PostgresConnectorIT.java
@@ -145,7 +145,8 @@ public void shouldValidateConfiguration() throws Exception {
                       PostgresConnectorConfig.DEFAULT_SNAPSHOT_LOCK_TIMEOUT_MILLIS);
         validateField(validatedConfig, PostgresConnectorConfig.TIME_PRECISION_MODE, 
                       PostgresConnectorConfig.TemporalPrecisionMode.ADAPTIVE.name().toLowerCase());
-    }
+        validateField(validatedConfig, PostgresConnectorConfig.SSL_SOCKET_FACTORY, null);
+   }
 
     @Test
     public void shouldSupportSSLParameters() throws Exception {