From 9341efe669ef439953ba59c271650a12c149b1a9 Mon Sep 17 00:00:00 2001
From: bmc
Date: Mon, 10 Sep 2012 21:40:41 -0500
Subject: [PATCH] allow options to pass to js ssl connection bindings
---
 lib/client.js | 5 +-
 lib/connection.js | 90 +++++++++++++++-------------
 test/integration/client/ssl-tests.js | 14 +++++
 3 files changed, 66 insertions(+), 43 deletions(-)
 create mode 100644 test/integration/client/ssl-tests.js
diff --git a/lib/client.js b/lib/client.js
index 2b7e51a4..fa93922e 100644
--- a/lib/client.js
+++ b/lib/client.js
@@ -17,7 +17,10 @@ var Client = function(config) {
 this.database = config.database || defaults.database;
 this.port = config.port || defaults.port;
 this.host = config.host || defaults.host;
- this.connection = config.connection || new Connection({stream: config.stream});
+ this.connection = config.connection || new Connection({
+ stream: config.stream,
+ ssl: config.ssl
+ });
 this.queryQueue = [];
 this.password = config.password || defaults.password;
 this.binary = config.binary || defaults.binary;
diff --git a/lib/connection.js b/lib/connection.js
index 5ea1ce23..4a2a8575 100644
--- a/lib/connection.js
+++ b/lib/connection.js
@@ -17,7 +17,7 @@ var Connection = function(config) {
 this.encoding = 'utf8';
 this.parsedStatements = {};
 this.writer = new Writer();
- this.checkSslResponse = false;
+ this.ssl = config.ssl || false;
 };
 util.inherits(Connection, EventEmitter);
@@ -26,10 +26,9 @@ var p = Connection.prototype;
 p.connect = function(port, host) {
- if(this.stream.readyState === 'closed'){
+ if (this.stream.readyState === 'closed') {
 this.stream.connect(port, host);
- }
- else if(this.stream.readyState == 'open') {
+ } else if (this.stream.readyState == 'open') {
 this.emit('connect');
 }
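Review bot: In lib/connection.js, `this.ssl = config.ssl || false;` leaves `this.ssl` as `false`, `true` or an options object, and nothing in the constructor says which shapes are supported or which keys are honoured. A comment above the assignment would make the contract explicit, for example `// ssl: false for plaintext, or an options object whose rejectUnauthorized/ca/pfx/key/passphrase/cert are forwarded to tls.connect`. The constructor begins outside the hunk, so an existing doc block there may already cover this.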
@@ -39,47 +38,54 @@ p.connect = function(port, host) {
 self.emit('connect');
 });
- this.on('sslresponse', function(msg) {
- if (msg.text == 0x53) {
- var tls = require('tls');
- self.stream.removeAllListeners();
- self.stream = tls.connect({ socket: self.stream, servername: host, rejectUnauthorized: true });
- self.stream.on('data', function(buffer) {
- self.setBuffer(buffer);
- var msg;
- while(msg = self.parseMessage()) {
- self.emit('message', msg);
- self.emit(msg.name, msg);
- }
- });
- self.stream.on('error', function(error) {
- self.emit('error', error);
- });
- self.emit('sslconnect');
- } else {
- throw new Error("The server doesn't support SSL/TLS connections.");
- }
- });
-
- this.stream.on('data', function(buffer) {
- self.setBuffer(buffer);
- var msg;
- if (self.checkSslResponse) {
- while(msg = self.readSslResponse()) {
- self.emit('message', msg);
- self.emit(msg.name, msg);
- }
- } else {
- while(msg = self.parseMessage()) {
- self.emit('message', msg);
- self.emit(msg.name, msg);
- }
- }
- });
-
 this.stream.on('error', function(error) {
 self.emit('error', error);
 });
+
+ if(this.ssl) {
+ this.stream.once('data', function(buffer) {
+ self.setBuffer(buffer);
+ var msg = self.readSslResponse();
+ self.emit('message', msg);
+ self.emit(msg.name, msg);
+ });
+ this.once('sslresponse', function(msg) {
+ if (msg.text == 0x53) {
+ var tls = require('tls');
+ self.stream.removeAllListeners();
+ self.stream = tls.connect({
+ socket: self.stream,
+ servername: host,
+ rejectUnauthorized: ssl.rejectUnauthorized,
+ ca: ssl.ca,
+ pfx: ssl.pfx,
+ key: ssl.key,
+ passphrase: ssl.passphrase,
+ cert: ssl.cert,
+ NPNProtocols: ssl.NPNProtocols
+ });
+ self.attachListeners(self.stream);
+ self.emit('sslconnect');
+ } else {
+ self.emit('error', new Error("The server doesn't support SSL/TLS connections."));
+ }
+ });
+
+ } else {
+ this.attachListeners(this.stream);
+ }
+};
+
+p.attachListeners = function(stream) {
+ var self = this;
+ stream.on('data', 
function(buffer) {
+ self.setBuffer(buffer);
+ var msg;
+ while(msg = self.parseMessage()) {
+ self.emit('message', msg);
+ self.emit(msg.name, msg);
+ }
+ });
 };
 p.requestSsl = function(config) {
diff --git a/test/integration/client/ssl-tests.js b/test/integration/client/ssl-tests.js
new file mode 100644
index 00000000..0458d6b0
--- /dev/null
+++ b/test/integration/client/ssl-tests.js
@@ -0,0 +1,14 @@
+var pg = require(__dirname + '/../../../lib');
+var config = require(__dirname + '/test-helper').config;
+test('can connect with ssl', function() {
+ return false;
+ config.ssl = {
+ rejectUnauthorized: false
+ };
+ pg.connect(config, assert.success(function(client) {
+ return false;
+ client.query('SELECT NOW()', assert.success(function() {
+ pg.end();
+ }));
+ }));
+});
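Review bot: In lib/connection.js, the `tls.connect` options inside the `sslresponse` handler read a bare `ssl` (`ssl.rejectUnauthorized`, `ssl.ca`, …), but the hunk shows no `ssl` binding, only `this.ssl`, so unless one is declared in the part of `p.connect` outside the hunk the first TLS upgrade throws a ReferenceError. Certificate verification also goes from the hard-coded `rejectUnauthorized: true` to whatever the caller supplies, so `ssl: true` or an options object without that key passes `undefined` and the outcome depends on the Node release's default; keeping it on unless explicitly disabled, `rejectUnauthorized: self.ssl.rejectUnauthorized !== false`, preserves the previous behaviour, with the other options read from `self.ssl` as well. After `removeAllListeners()`, `attachListeners` wires only `'data'` on the TLS stream, whereas the removed code also forwarded `'error'`, so a handshake or certificate failure would surface as an unhandled `'error'` event instead of on the connection; the same forwarding belongs in `attachListeners`. The `once('data')` handler also dereferences `msg.name` without the falsy check that the old `while(msg = self.readSslResponse())` loop gave.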
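Review bot: In test/integration/client/ssl-tests.js the test body opens with `return false;`, so everything after it is dead code and the test reports success without ever opening an SSL connection; the second `return false;` inside the connect callback would skip the query in the same way. If the test is deliberately disabled, a comment should say so, for example `// disabled: early return skips the SSL connection; remove once <reason>`, so that it is not mistaken for coverage of the new option path. Once enabled it exercises only `rejectUnauthorized: false`, leaving the verified path (a `ca` with verification on) untested. It also assigns `config.ssl` on the object exported by test-helper, which may carry over into other tests if that object is shared, so working on a copy would be safer.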