Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

db: Add support for key-value pair DSNs in postgresql #4072

Merged
merged 2 commits into from
Sep 23, 2020
Merged

db: Add support for key-value pair DSNs in postgresql #4072

merged 2 commits into from
Sep 23, 2020

Conversation

cdecker
Copy link
Member

@cdecker cdecker commented Sep 21, 2020

It turns out that it isn't always possible to express the connection
parameters in a URI-style DSN. The postgresql primitives provide an
alternative in the form of key-value DSNs 1, which allow for a far wider
range of possible configuration parameters. Specifically in my case I wanted
to have mutual authentication using TLS/SSL server and client certificates, on
top of password authentication.

With this change we still use the scheme:// portion of the DSN to select
which backend to use, while we attempt to parse the connection string without
it first (which is the key-value option) and if that fails we fall back to the
full URI connection. Since we only attempt to parse, and don't directly
connect we don't actually connect twice.

So this is now a possibility:

postgres://sslmode=verify-ca \
	sslrootcert=server-ca.pem \
	sslcert=client-cert.pem \
	sslkey=client-key.pem \
	host=12.345.678.9 \
	port=5432 \
	user=postgres \
	dbname=cln \
	password=helloworld"

@cdecker
db: Add support for key-value pair DSNs in postgresql
5bedaa9 
These are simple space-separated key-value pair sets of options instead of the
URI style DSNs, but they are also much more flexible allowing the user to
specify client SSL certificates, server certificates, compression and
encryption levels, and much more (see [1] for more information)

[1]: https://www.postgresql.org/docs/9.1/libpq-connect.html

Changelog-Added: db: Added support for key-value DSNs for postgresql, allowing for a wider variety of configurations and environments.
@cdecker
pytest: Add test for key-value style postgresql DSNs
e234bd9
@cdecker cdecker changed the title pytest: Add test for key-value style postgresql DSNs db: Add support for key-value pair DSNs in postgresql Sep 22, 2020
rustyrussell
rustyrussell approved these changes Sep 23, 2020
View reviewed changes
Copy link
Contributor

@rustyrussell rustyrussell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ack e234bd9

@rustyrussell rustyrussell merged commit d9ba39d into ElementsProject:master Sep 23, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rustyrussell rustyrussell rustyrussell approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cdecker @rustyrussell