forked from vapor/postgres-nio
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPostgresConnection+RequestTLS.swift
53 lines (45 loc) · 1.49 KB
/
PostgresConnection+RequestTLS.swift
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
import NIOSSL
import Logging
extension PostgresConnection {
internal func requestTLS(
using tlsConfig: TLSConfiguration,
serverHostname: String?,
logger: Logger
) -> EventLoopFuture<Void> {
let tls = RequestTLSQuery()
return self.send(tls, logger: logger).flatMapThrowing { _ in
guard tls.isSupported else {
throw PostgresError.protocol("Server does not support TLS")
}
let sslContext = try NIOSSLContext(configuration: tlsConfig)
let handler = try NIOSSLClientHandler(context: sslContext, serverHostname: serverHostname)
_ = self.channel.pipeline.addHandler(handler, position: .first)
}
}
}
// MARK: Private
private final class RequestTLSQuery: PostgresRequest {
var isSupported: Bool
init() {
self.isSupported = false
}
func log(to logger: Logger) {
logger.debug("Requesting TLS")
}
func respond(to message: PostgresMessage) throws -> [PostgresMessage]? {
switch message.identifier {
case .sslSupported:
self.isSupported = true
return nil
case .sslUnsupported:
self.isSupported = false
return nil
default: throw PostgresError.protocol("Unexpected message during TLS request: \(message)")
}
}
func start() throws -> [PostgresMessage] {
return try [
PostgresMessage.SSLRequest().message()
]
}
}