Skip to content

Commit

Permalink
Make singular to match Postgres params
Browse files Browse the repository at this point in the history
  • Loading branch information
metafeather committed May 4, 2024
1 parent c86f082 commit 3fa7048
Showing 1 changed file with 15 additions and 15 deletions.
30 changes: 15 additions & 15 deletions modules/l4postgres/matcher.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,15 +24,15 @@
//
// {
// "postgres": {
// "users": {
// "user": {
// "*": ["public_db"],
// "alice": ["planets_db", "stars_db"]
// }
// }
// }
//
// {
// "postgres_clients": ["psql", "TablePlus"]
// "postgres_client": ["psql", "TablePlus"]
// }
//
// {
Expand Down Expand Up @@ -61,7 +61,7 @@ import (

func init() {
caddy.RegisterModule(MatchPostgres{})
caddy.RegisterModule(MatchPostgresClients{})
caddy.RegisterModule(MatchPostgresClient{})
caddy.RegisterModule(MatchPostgresSSL{})
}

Expand Down Expand Up @@ -89,7 +89,7 @@ func newMessageFromConn(cx *layer4.Connection) (*message, error) {

// MatchPostgres is able to match Postgres connections
type MatchPostgres struct {
Users map[string][]string
User map[string][]string
startup *startupMessage
}

Expand All @@ -110,7 +110,7 @@ func (m MatchPostgres) Match(cx *layer4.Connection) (bool, error) {
}

m.startup = newStartupMessage(b)
hasConfig := len(m.Users) > 0
hasConfig := len(m.User) > 0

// Finish if this is a SSLRequest and there are no other matchers
if m.startup.IsSSL() && !hasConfig {
Expand All @@ -131,15 +131,15 @@ func (m MatchPostgres) Match(cx *layer4.Connection) (bool, error) {
user, ok := m.startup.Parameters["user"]
if !ok {
// Are there public databases to check?
if databases, ok := m.Users["*"]; ok {
if databases, ok := m.User["*"]; ok {
if db, ok := m.startup.Parameters["database"]; ok {
return slices.Contains(databases, db), nil
}
}
return false, nil
}

databases, ok := m.Users[user]
databases, ok := m.User[user]
if !ok {
return false, nil
}
Expand All @@ -154,24 +154,24 @@ func (m MatchPostgres) Match(cx *layer4.Connection) (bool, error) {
return true, nil
}

// MatchPostgresClients is able to match Postgres connections that
// MatchPostgresClient is able to match Postgres connections that
// contain an `application_name` field
type MatchPostgresClients struct {
Clients []string
type MatchPostgresClient struct {
Client []string
startup *startupMessage
}

// CaddyModule returns the Caddy module information.
func (MatchPostgresClients) CaddyModule() caddy.ModuleInfo {
func (MatchPostgresClient) CaddyModule() caddy.ModuleInfo {
return caddy.ModuleInfo{
ID: "layer4.matchers.postgres_clients",
New: func() caddy.Module { return new(MatchPostgresClients) },
New: func() caddy.Module { return new(MatchPostgresClient) },
}
}

// Match returns true if the connection looks like the Postgres protocol and
// passes any `application_name` parameter matchers
func (m MatchPostgresClients) Match(cx *layer4.Connection) (bool, error) {
func (m MatchPostgresClient) Match(cx *layer4.Connection) (bool, error) {
b, err := newMessageFromConn(cx)
if err != nil {
return false, err
Expand All @@ -196,7 +196,7 @@ func (m MatchPostgresClients) Match(cx *layer4.Connection) (bool, error) {
}

// Check clients list
return slices.Contains(m.Clients, name), nil
return slices.Contains(m.Client, name), nil
}

// MatchPostgresSSL is able to require/reject Postgres SSL connections.
Expand Down Expand Up @@ -235,5 +235,5 @@ func (m MatchPostgresSSL) Match(cx *layer4.Connection) (bool, error) {

// Interface guard
var _ layer4.ConnMatcher = (*MatchPostgres)(nil)
var _ layer4.ConnMatcher = (*MatchPostgresClients)(nil)
var _ layer4.ConnMatcher = (*MatchPostgresClient)(nil)
var _ layer4.ConnMatcher = (*MatchPostgresSSL)(nil)

0 comments on commit 3fa7048

Please sign in to comment.