Skip to content

Explicit TLS config #237

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Mar 2, 2022
Merged

Explicit TLS config #237

merged 1 commit into from
Mar 2, 2022

Conversation

fabianfett
Copy link
Collaborator

Motivation

Currently users provide a TLSConfiguration to the PSQLConnection.Configuration to signal they want to require TLS. This is very implicit and it will create a new NIOSSLContext for every new connection (VERY, VERY expensive operation).

Changes

  • Make TLS config explicit in PSQLConnection.Configuration. The initial provided values are .disable, .prefer, .require
  • If users use .prefer or .require they must provide a NIOSSLContext

Result

  • Faster more explicit code

@codecov-commenter
Copy link

codecov-commenter commented Feb 28, 2022
edited
Loading

Codecov Report

Merging #237 (7ab76cc) into main (63e7d57) will increase coverage by 4.21%.
The diff coverage is 60.75%.

@@            Coverage Diff             @@
##             main     #237      +/-   ##
==========================================
+ Coverage   39.82%   44.04%   +4.21%     
==========================================
  Files         116      116              
  Lines        9413     9474      +61     
==========================================
+ Hits         3749     4173     +424     
+ Misses       5664     5301     -363
Flag Coverage Δ
unittests 44.04% <60.75%> (+4.21%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
...es/PostgresNIO/Connection/PostgresConnection.swift 0.00% <0.00%> (ø)
Sources/PostgresNIO/New/PSQLConnection.swift 33.33% <65.00%> (+5.43%) ⬆️
Sources/PostgresNIO/New/PSQLChannelHandler.swift 61.83% <94.73%> (+12.16%) ⬆️
...nection State Machine/ConnectionStateMachine.swift 55.24% <100.00%> (+9.30%) ⬆️
...ces/PostgresNIO/New/PostgresRow-multi-decode.swift 4.44% <0.00%> (+0.19%) ⬆️
Sources/PostgresNIO/Data/PostgresRow.swift 50.00% <0.00%> (+1.02%) ⬆️
...s/PostgresNIO/New/Data/Array+PostgresCodable.swift 94.68% <0.00%> (+1.06%) ⬆️
...rces/PostgresNIO/New/Extensions/Logging+PSQL.swift 19.60% <0.00%> (+1.42%) ⬆️
...ostgresNIO/Deprecated/PostgresMessageDecoder.swift 95.45% <0.00%> (+2.27%) ⬆️
... and 24 more

fabianfett
fabianfett commented Feb 28, 2022
View reviewed changes
Sources/PostgresNIO/New/PSQLConnection.swift
Comment on lines +27 to +49
struct TLS {
enum Base {
case disable
case prefer(NIOSSLContext)
case require(NIOSSLContext)
}

var base: Base

private init(_ base: Base) {
self.base = base
}

static var disable: Self = Self.init(.disable)

static func prefer(_ sslContext: NIOSSLContext) -> Self {
self.init(.prefer(sslContext))
}

static func require(_ sslContext: NIOSSLContext) -> Self {
self.init(.require(sslContext))
}
}
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gwynne This will become public API eventually.

@fabianfett fabianfett requested a review from gwynne February 28, 2022 18:45
gwynne
gwynne approved these changes Mar 1, 2022
View reviewed changes
Copy link
Member

@gwynne gwynne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@fabianfett fabianfett merged commit 5dade1c into vapor:main Mar 2, 2022
@fabianfett fabianfett deleted the ff-explicit-tls-config branch March 2, 2022 06:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gwynne gwynne gwynne approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@fabianfett @codecov-commenter @gwynne