From f69fe950421b089f86527bab8803319e4afe5a8b Mon Sep 17 00:00:00 2001
From: bmc <brian.m.carlson@gmail.com>
Date: Sat, 29 Jun 2013 22:15:56 -0700
Subject: [PATCH 1/4] Add failing test for heroku ssl connection

---
 test/integration/client/heroku-ssl-tests.js | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 test/integration/client/heroku-ssl-tests.js

diff --git a/test/integration/client/heroku-ssl-tests.js b/test/integration/client/heroku-ssl-tests.js
new file mode 100644
index 00000000..82c1e360
--- /dev/null
+++ b/test/integration/client/heroku-ssl-tests.js
@@ -0,0 +1,21 @@
+var helper = require(__dirname + '/../test-helper');
+var pg = helper.pg;
+
+var host = 'ec2-107-20-224-218.compute-1.amazonaws.com';
+var database = 'db6kfntl5qhp2';
+var user = 'kwdzdnqpdiilfs';
+var port = 5432;
+
+var config = {
+  host: host,
+  port: port,
+  database: database,
+  user: user,
+  ssl: true
+};
+
+//connect & disconnect from heroku
+pg.connect(config, assert.success(function(client, done) {
+  done();
+  pg.end();
+}));

From 53a772af49a3e9991f6516117fdc36f7a0704df8 Mon Sep 17 00:00:00 2001
From: bmc <brian.m.carlson@gmail.com>
Date: Sat, 29 Jun 2013 23:19:17 -0700
Subject: [PATCH 2/4] Add heroku password to heroku test

---
 test/integration/client/heroku-ssl-tests.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/test/integration/client/heroku-ssl-tests.js b/test/integration/client/heroku-ssl-tests.js
index 82c1e360..6f144798 100644
--- a/test/integration/client/heroku-ssl-tests.js
+++ b/test/integration/client/heroku-ssl-tests.js
@@ -11,6 +11,7 @@ var config = {
   port: port,
   database: database,
   user: user,
+  password: 'uaZoSSHgi7mVM7kYaROtusClKu',
   ssl: true
 };
 

From 44784fa2f3829b6b6a099bb65b02fd47b0c85513 Mon Sep 17 00:00:00 2001
From: bmc <brian.m.carlson@gmail.com>
Date: Sat, 29 Jun 2013 23:20:48 -0700
Subject: [PATCH 3/4] Fix JavaScript SSL upgrade logic

I had accepted the pull request way back without proper test coverage.
I've added test coverage & fixed this long-standing bug.
---
 lib/connection.js | 57 +++++++++++++++++++----------------------------
 1 file changed, 23 insertions(+), 34 deletions(-)

diff --git a/lib/connection.js b/lib/connection.js
index 2bdd07fa..f6048572 100644
--- a/lib/connection.js
+++ b/lib/connection.js
@@ -53,41 +53,30 @@ Connection.prototype.connect = function(port, host) {
     self.emit('end');
   });
 
-  if(this.ssl) {
-    this.stream.once('data', function(buffer) {
-      self.setBuffer(buffer);
-      var msg = self.readSslResponse();
-      self.emit('message', msg);
-      self.emit(msg.name, msg);
-    });
-    this.once('sslresponse', function(msg) {
-      if(msg.text == 0x53) {
-        var tls = require('tls');
-        self.stream.removeAllListeners();
-        self.stream = tls.connect({
-          socket: self.stream,
-          servername: host,
-          rejectUnauthorized: self.ssl.rejectUnauthorized,
-          ca: self.ssl.ca,
-          pfx: self.ssl.pfx,
-          key: self.ssl.key,
-          passphrase: self.ssl.passphrase,
-          cert: self.ssl.cert,
-          NPNProtocols: self.ssl.NPNProtocols
-        });
-        self.attachListeners(self.stream);
-        self.emit('sslconnect');
-      } else {
-        self.emit(
-          'error',
-          new Error("The server doesn't support SSL/TLS connections.")
-        );
-      }
-    });
-
-  } else {
-    this.attachListeners(this.stream);
+  if(!this.ssl) {
+    return this.attachListeners(this.stream);
   }
+
+  this.stream.once('data', function(buffer) {
+    var responseCode = buffer.toString('utf8');
+    if(responseCode != 'S') {
+      return self.emit('error', new Error('The server does not support SSL connections'));
+    }
+    var tls = require('tls');
+    self.stream = tls.connect({
+      socket: self.stream,
+      servername: host,
+      rejectUnauthorized: self.ssl.rejectUnauthorized,
+      ca: self.ssl.ca,
+      pfx: self.ssl.pfx,
+      key: self.ssl.key,
+      passphrase: self.ssl.passphrase,
+      cert: self.ssl.cert,
+      NPNProtocols: self.ssl.NPNProtocols
+    });
+    self.attachListeners(self.stream);
+    self.emit('sslconnect');
+  });
 };
 
 Connection.prototype.attachListeners = function(stream) {

From 81ce2f6d9cb9a12ba39b2a10a2ac878977d88a44 Mon Sep 17 00:00:00 2001
From: bmc <brian.m.carlson@gmail.com>
Date: Sun, 30 Jun 2013 00:12:43 -0700
Subject: [PATCH 4/4] Make test more robust

---
 test/integration/client/heroku-ssl-tests.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/test/integration/client/heroku-ssl-tests.js b/test/integration/client/heroku-ssl-tests.js
index 6f144798..5b6b87da 100644
--- a/test/integration/client/heroku-ssl-tests.js
+++ b/test/integration/client/heroku-ssl-tests.js
@@ -17,6 +17,9 @@ var config = {
 
 //connect & disconnect from heroku
 pg.connect(config, assert.success(function(client, done) {
-  done();
-  pg.end();
+  client.query('SELECT NOW() as time', assert.success(function(res) {
+    assert(res.rows[0].time.getTime());
+    done();
+    pg.end();
+  }))
 }));