archive-gh-me/node-postgres
1
0
Fork 0
mirror of https://github.com/brianc/node-postgres.git synced 2025-12-08 20:16:25 +00:00
Code Issues Projects Releases Wiki Activity

Revert "Revert "Support additional tls.connect() options (#1996)" (#2010)" (#2113)

Browse Source 
This reverts commit 510a273ce45fb73d0355cf384e97ea695c8a5bcc.
This commit is contained in:
Charmander 2020-02-25 08:42:45 -08:00 committed by GitHub
parent 1d480517fe
commit 5341a2a157
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
packages/pg/lib/connection-fast.js
View File

@ -15,8 +15,6 @@ var Writer = require('buffer-writer')
// eslint-disable-next-line
var PacketStream = require('pg-packet-stream')
var warnDeprecation = require('./compat/warn-deprecation')
var TEXT_MODE = 0
// TODO(bmc) support binary mode here
@ -95,21 +93,9 @@ Connection.prototype.connect = function (port, host) {
return self.emit('error', new Error('There was an error establishing an SSL connection'))
}
var tls = require('tls')
const options = {
socket: self.stream,
checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
rejectUnauthorized: self.ssl.rejectUnauthorized,
ca: self.ssl.ca,
pfx: self.ssl.pfx,
key: self.ssl.key,
passphrase: self.ssl.passphrase,
cert: self.ssl.cert,
secureOptions: self.ssl.secureOptions,
NPNProtocols: self.ssl.NPNProtocols
}
if (typeof self.ssl.rejectUnauthorized !== 'boolean') {
warnDeprecation('Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.', 'PG-SSL-VERIFY')
}
const options = Object.assign({
socket: self.stream
}, self.ssl)
if (net.isIP(host) === 0) {
options.servername = host
}

20
packages/pg/lib/connection.js
View File

@ -14,8 +14,6 @@ var util = require('util')
var Writer = require('buffer-writer')
var Reader = require('packet-reader')
var warnDeprecation = require('./compat/warn-deprecation')
var TEXT_MODE = 0
var BINARY_MODE = 1
var Connection = function (config) {
@ -93,21 +91,9 @@ Connection.prototype.connect = function (port, host) {
return self.emit('error', new Error('There was an error establishing an SSL connection'))
}
var tls = require('tls')
const options = {
socket: self.stream,
checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
rejectUnauthorized: self.ssl.rejectUnauthorized,
ca: self.ssl.ca,
pfx: self.ssl.pfx,
key: self.ssl.key,
passphrase: self.ssl.passphrase,
cert: self.ssl.cert,
secureOptions: self.ssl.secureOptions,
NPNProtocols: self.ssl.NPNProtocols
}
if (typeof self.ssl.rejectUnauthorized !== 'boolean') {
warnDeprecation('Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.', 'PG-SSL-VERIFY')
}
const options = Object.assign({
socket: self.stream
}, self.ssl)
if (net.isIP(host) === 0) {
options.servername = host
}