fix(electric): Fix the order of case clauses when parsing database SS…

…L config (#1261) @icehaunter spotted this in #1249 (comment). I have reordered the case clauses by specificity and added comments for readability.
electric-sql · Jun 4, 2024 · cbd652d · cbd652d
1 parent d3506ab
commit cbd652d
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 7 deletions.
diff --git a/.changeset/eight-suits-boil.md b/.changeset/eight-suits-boil.md
@@ -0,0 +1,5 @@
+---
+"@core/electric": patch
+---
+
+Bring back the enforcement of SSL use for database connections. The default value was changed to `false` in v0.9.1 by accident. This version restores the intended behaviour. To use unencrypted database connections, you must explicitly configure Electric with DATABASE_REQUIRE_SSL=false.
diff --git a/components/electric/config/runtime.exs b/components/electric/config/runtime.exs
@@ -214,22 +214,32 @@ connector_config =
     #      database will be treated as a fatal error.
     #
     #   2. Or it is not required, in which case Electric will still try connecting with SSL first
-    #      and will only fallback to using unencrypted connection if that fails.
+    #      and will only fall back to using unencrypted connection if that fails.
     #
     # When DATABASE_REQUIRE_SSL is set by the user, the sslmode query parameter in DATABASE_URL is ignored.
     require_ssl? =
       case {require_ssl_config, conn_config[:sslmode]} do
-        {nil, :require} -> true
-        {nil, _} -> false
-        {nil, nil} -> default_database_require_ssl
-        {true, _} -> true
-        {false, _} -> false
+        {nil, nil} ->
+          # neither DATABASE_REQUIRE_SSL nor ?sslmode=... are present, use the default setting
+          default_database_require_ssl
+
+        {true, _} ->
+          # DATABASE_REQUIRE_SSL=true: require database connections to use SSL
+          true
+
+        {nil, :require} ->
+          # ?sslmode=require and DATABASE_REQUIRE_SSL is not set: require database connections to use SSL
+          true
+
+        _ ->
+          # any other value of ?sslmode=... or DATABASE_REQUIRE_SSL means SSL is not required
+          false
       end
 
     # When require_ssl?=true, epgsql will try to connect using SSL and fail if the server does not accept encrypted
     # connections.
     #
-    # When require_ssl?=false, epgsql will try to connect using SSL first, then fallback to an unencrypted connection
+    # When require_ssl?=false, epgsql will try to connect using SSL first, then fall back to an unencrypted connection
     # if that fails.
     use_ssl? =
       if require_ssl? do