From 69b14f136170013aee4b2adb9b0291677770b01a Mon Sep 17 00:00:00 2001 From: Bjorn <47388782+bjornouderoelink@users.noreply.github.com> Date: Mon, 19 Apr 2021 21:51:42 +0200 Subject: [PATCH] Fix sslinline for connections after the first one. The sslinline functionality would delete the required keys after upgrading the first connection. This commit adds the sslinine key to the isDriverSetting so that it is not sent to Posgres which would cause a crash. It also removes the delete of the keys necessary for sslinline to allow SSL upgrades for connections after the first one. --- conn.go | 2 +- ssl.go | 8 -------- 2 files changed, 1 insertion(+), 9 deletions(-) diff --git a/conn.go b/conn.go index 4f35614f..b09a1704 100644 --- a/conn.go +++ b/conn.go @@ -1106,7 +1106,7 @@ func isDriverSetting(key string) bool { return true case "password": return true - case "sslmode", "sslcert", "sslkey", "sslrootcert": + case "sslmode", "sslcert", "sslkey", "sslrootcert", "sslinline": return true case "fallback_application_name": return true diff --git a/ssl.go b/ssl.go index 881c2219..e5eb9289 100644 --- a/ssl.go +++ b/ssl.go @@ -59,9 +59,6 @@ func ssl(o values) (func(net.Conn) (net.Conn, error), error) { return nil, err } - // This pseudo-parameter is not recognized by the PostgreSQL server, so let's delete it after use. - delete(o, "sslinline") - // Accept renegotiation requests initiated by the backend. // // Renegotiation was deprecated then removed from PostgreSQL 9.5, but @@ -89,9 +86,6 @@ func sslClientCertificates(tlsConf *tls.Config, o values) error { sslinline := o["sslinline"] if sslinline == "true" { cert, err := tls.X509KeyPair([]byte(o["sslcert"]), []byte(o["sslkey"])) - // Clear out these params, in case they were to be sent to the PostgreSQL server by mistake - o["sslcert"] = "" - o["sslkey"] = "" if err != nil { return err } @@ -157,8 +151,6 @@ func sslCertificateAuthority(tlsConf *tls.Config, o values) error { var cert []byte if sslinline == "true" { - // // Clear out this param, in case it were to be sent to the PostgreSQL server by mistake - o["sslrootcert"] = "" cert = []byte(sslrootcert) } else { var err error