Defaults to built-in `tls.checkServerIdentity` method in the event one is not passed into `pgConfig.ssl`
Found breaking in v9.4.2 vs v9.4.1 a la 49054717b4ec0c6d477f04c2becd1f9680b2d13a
cc @tobio @brianc
This happened to work before because `Query.portalName` was undefined,
but in order to be able to set the portal explicitly it should be using
`Query.portal`.
This commit adds some finer grained detail to handling the postmaster's
response to SSL negotiation packets, by accounting for the possibility
of an 'E' byte being sent back, and emitting an appropriate error.
In the naive case, the postmaster will respond with either 'S' (proceed
with an SSL connection) or 'N' (SSL is not supported). However, the
current if statement doesn't account for an 'E' byte being returned
by the postmaster, where an error is encountered (perhaps unable to
fork due to being out of memory).
By adding this case, we can prevent confusing error messages when SSL is
enforced and the postmaster returns an error after successful SSL
connections.
This also brings the connection handling further in line with
libpq, where 'E' is handled similarly as of this commit:
a49fbaaf8d
Given that there are no longer pre-7.0 databases out in the wild, I
believe this is a safe change to make, and should not break backwards
compatibility (unless matching on error message content).
* Replace if statement with switch, to catch 'S', 'E' and 'N' bytes
returned by the postmaster
* Return an Error for non 'S' or 'N' cases
* Expand and restructure unit tests for SSL negotiation packets
The support for the `noAssert` argument dropped in the upcoming
Node.js v.10.x. All input is then validated no matter if this
is set to true or not. Just remove the argument because of that.
Centralize logic for md5 hashing of passwords for authentication. Adds
a new function postgresMd5PasswordHash(user, password, salt) to utils
and updates client.js and tests to use it.
* Work on converting lib to standard
* Finish updating lib
* Finish linting lib
* Format test files
* Add .eslintrc with standard format
* Supply full path to eslint bin
* Move lint command to package.json
* Add eslint as dev dependency
This is a small change and is _kinda_ backwards compatible since the old behavior was to throw an error, but if someone was relying on anything with `.map` working as values it would break them, so it's in a major semver bump.
Clients are not reusable. This changes the client to raise errors whenever you try to reconnect a client that's already been used. They're cheap to create: just instantiate a new one (or use the pool) 😉.
Closes#1352
