Add support for using TLS with PostgreSQL (#260) #266
Conversation
|
I think some of the CI plans checking fmt fail because openssl packages aren't installed in the base image. |
There was a problem hiding this comment.
I think some of the CI plans checking fmt fail because openssl packages aren't installed in the base image.
I was a bit worried this might happen, and same might be true of other people already using the package elsewhere.
Might be preferable to explicitly enabled postgres tls as a feature then? What do you think?
Hi, and Thanks for this! Can we use the native-tls version instead?
| let use_tls = match query_params | ||
| .get("sslmode") | ||
| .unwrap_or(&Cow::Borrowed("disable")) | ||
| { | ||
| &Cow::Borrowed("disable") => Ok(false), | ||
| &Cow::Borrowed("require") => Ok(true), | ||
| _ => Err(()), | ||
| } | ||
| .map_err(|_| { | ||
| Error::new( | ||
| Kind::ConfigError("Invalid sslmode value, please use disable/require".into()), | ||
| None, | ||
| ) | ||
| })?; |
There was a problem hiding this comment.
| let use_tls = match query_params | |
| .get("sslmode") | |
| .unwrap_or(&Cow::Borrowed("disable")) | |
| { | |
| &Cow::Borrowed("disable") => Ok(false), | |
| &Cow::Borrowed("require") => Ok(true), | |
| _ => Err(()), | |
| } | |
| .map_err(|_| { | |
| Error::new( | |
| Kind::ConfigError("Invalid sslmode value, please use disable/require".into()), | |
| None, | |
| ) | |
| })?; | |
| let use_tls = match query_params | |
| .get("sslmode") | |
| .unwrap_or(&Cow::Borrowed("disable")) | |
| { | |
| &Cow::Borrowed("disable") => false, | |
| &Cow::Borrowed("require") => true, | |
| _ => return Error::new( | |
| Kind::ConfigError("Invalid sslmode value, please use disable/require".into()), | |
| None, | |
| ), | |
| }; |
| @@ -451,6 +473,24 @@ mod tests { | |||
| ); | |||
| } | |||
|
|
|||
| #[test] | |||
| fn build_no_tls_conn_from_str() { | |||
There was a problem hiding this comment.
can we do it all on one test? both the use not use and the invalid value?
|
@mossbanay any chance you'll have time to finish this up? If not I'm happy to take a swing at it. |
|
@aig787 Sorry slipped through my inbox. By all means go for it! |
|
Any updates on this? |
Hi, I would like to use Refinery with a PostgreSQL database over TLS similar to (#260).
It looked like this wasn't too difficult to implement, and seems to work fine from my local testing.
I've added a
use_tlsoption that can be supplied in the toml config, and it also supports the original request of parsing from the connection string (though only disable and require are supported).I don't often write Rust, let me know if you have any suggestions about this change.
Thanks