fix: harden SQL quoting, TLS handling, and async operations #1

Merged: taariq merged 2 commits into main from fix-sql-quoting on Nov 26, 2025

@christian-smith
Contributor

Summary

Security hardening and reliability fixes for database replication operations.

  • Prevent SQL injection with parameterized queries and consistent identifier quoting
  • Fix TLS certificate handling to be secure by default
  • Fix async/await correctness issues
  • Expand remote filter options

Changes

Security

  • SQL injection prevention: Converted string interpolation to parameterized queries in monitor.rs for replication stats
  • Consistent identifier quoting: Added quote_ident(), quote_literal(), and quote_mysql_ident() helpers used consistently across all DDL statements
  • Credential leak prevention: Removed connection strings from error messages in MySQL validation
  • TLS secure by default: Changed from accepting all certificates to requiring valid certs, with opt-in --allow-self-signed-certs flag for testing

Reliability

  • Async fixes: Added missing .await calls to retry_subprocess_with_backoff()
  • Non-blocking retries: Replaced std::thread::sleep() with tokio::time::sleep().await in async context
  • Thread-safe TLS config: Replaced unsafe std::env::set_var() with OnceLock for TLS policy

Features

  • Remote filter expansion: Added exclude_databases and include_tables to FilterSpec
  • Job timeout passthrough: Now sends job_timeout_seconds to remote orchestrator

Testing

  • All 272 tests passing
  • Clippy clean (no warnings)
  • Security test updated to verify credential leak fix

- Add quote_literal() for SQL string escaping
- Add quote_mysql_ident() for MySQL backtick quoting
- Use quote_ident() consistently for PostgreSQL/SQLite identifiers
- Replace unsafe std::env::set_var with thread-safe OnceLock
- Fix blocking std::thread::sleep in async context
- Update security test to verify credential leak fix
@taariq merged commit aaefa5b into main Nov 26, 2025
7 checks passed
@taariq deleted the fix-sql-quoting branch November 26, 2025 14:07
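
The identifier and literal quoting named in the description above, as an added Rust example that is not the project's code. The function names come from the PR text; the signatures, the NUL rejection and the E'' handling of backslashes are assumptions, and the sample inputs are constructed.

```rust
// Added illustration; not the project's code. Function names follow the PR
// description, but signatures and error handling are assumptions.

/// Reject NUL bytes, which PostgreSQL does not accept in identifiers or text.
fn check_nul(s: &str) -> Result<(), String> {
    if s.contains('\0') {
        Err(format!("NUL byte in SQL fragment of length {}", s.len()))
    } else {
        Ok(())
    }
}

/// PostgreSQL/SQLite identifier: wrap in double quotes, double any embedded quote.
pub fn quote_ident(name: &str) -> Result<String, String> {
    check_nul(name)?;
    Ok(format!("\"{}\"", name.replace('"', "\"\"")))
}

/// MySQL identifier: wrap in backticks, double any embedded backtick.
pub fn quote_mysql_ident(name: &str) -> Result<String, String> {
    check_nul(name)?;
    Ok(format!("`{}`", name.replace('`', "``")))
}

/// PostgreSQL string literal: double single quotes; if a backslash is present,
/// use the E'' form with doubled backslashes so the result does not depend on
/// the server's standard_conforming_strings setting.
pub fn quote_literal(value: &str) -> Result<String, String> {
    check_nul(value)?;
    let body = value.replace('\'', "''");
    if body.contains('\\') {
        Ok(format!("E'{}'", body.replace('\\', "\\\\")))
    } else {
        Ok(format!("'{}'", body))
    }
}

/// Build a DDL statement in which every identifier passes through quote_ident().
pub fn drop_table_sql(schema: &str, table: &str) -> Result<String, String> {
    Ok(format!("DROP TABLE IF EXISTS {}.{}", quote_ident(schema)?, quote_ident(table)?))
}

fn main() {
    // Constructed sample inputs containing each dialect's quote character.
    println!("{}", drop_table_sql("public", "odd\"name").unwrap());
    println!("{}", quote_mysql_ident("or`der").unwrap());
    println!("{}", quote_literal("O'Brien\\").unwrap());
}
```

Quoting covers identifiers in DDL, which cannot be bound as parameters; values in ordinary queries still belong in bound parameters, as the description states for monitor.rs.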