Fix TLS connections.

go-pg · Jan 13, 2017 · d2bcc88 · d2bcc88
1 parent 19b78dc
commit d2bcc88
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 22 deletions.
diff --git a/db.go b/db.go
@@ -70,6 +70,8 @@ func (db *DB) conn() (*pool.Conn, error) {
 		return nil, err
 	}
 
+	cn.SetReadWriteTimeout(db.opt.ReadTimeout, db.opt.WriteTimeout)
+
 	if cn.InitedAt.IsZero() {
 		if err := db.initConn(cn); err != nil {
 			_ = db.pool.Remove(cn, err)
@@ -78,7 +80,6 @@ func (db *DB) conn() (*pool.Conn, error) {
 		cn.InitedAt = time.Now()
 	}
 
-	cn.SetReadWriteTimeout(db.opt.ReadTimeout, db.opt.WriteTimeout)
 	return cn, nil
 }
 

diff --git a/db_test.go b/db_test.go
@@ -2,6 +2,7 @@ package pg_test
 
 import (
 	"bytes"
+	"crypto/tls"
 	"database/sql"
 	"fmt"
 	"net"
@@ -26,11 +27,17 @@ func TestGinkgo(t *testing.T) {
 
 func pgOptions() *pg.Options {
 	return &pg.Options{
-		User:               "postgres",
-		Database:           "postgres",
-		DialTimeout:        30 * time.Second,
-		ReadTimeout:        10 * time.Second,
-		WriteTimeout:       10 * time.Second,
+		User:     "postgres",
+		Database: "postgres",
+
+		TLSConfig: &tls.Config{
+			InsecureSkipVerify: true,
+		},
+
+		DialTimeout:  30 * time.Second,
+		ReadTimeout:  10 * time.Second,
+		WriteTimeout: 10 * time.Second,
+
 		PoolSize:           10,
 		PoolTimeout:        30 * time.Second,
 		IdleTimeout:        10 * time.Second,

diff --git a/example_test.go b/example_test.go
@@ -17,18 +17,29 @@ func init() {
 }
 
 func connect() *pg.DB {
-	return pg.Connect(&pg.Options{
-		User: "postgres",
-	})
+	return pg.Connect(pgOptions())
 }
 
 func ExampleConnect() {
 	db := pg.Connect(&pg.Options{
-		User: "postgres",
+		User:     "postgres",
+		Password: "",
+		Database: "postgres",
 	})
-	err := db.Close()
-	fmt.Println(err)
-	// Output: <nil>
+
+	var n int
+	_, err := db.QueryOne(pg.Scan(&n), "SELECT 1")
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println(n)
+
+	err = db.Close()
+	if err != nil {
+		panic(err)
+	}
+
+	// Output: 1
 }
 
 func ExampleDB_QueryOne() {

diff --git a/internal/pool/buffer.go b/internal/pool/buffer.go
@@ -82,7 +82,7 @@ func (buf *WriteBuffer) WriteByte(c byte) {
 
 func (buf *WriteBuffer) Flush() error {
 	_, err := buf.w.Write(buf.Bytes)
-	buf.Bytes = buf.Bytes[:0]
+	buf.Reset()
 	return err
 }
 

diff --git a/main_test.go b/main_test.go
@@ -20,6 +20,7 @@ func TestUnixSocket(t *testing.T) {
 	opt := pgOptions()
 	opt.Network = "unix"
 	opt.Addr = "/var/run/postgresql/.s.PGSQL.5432"
+	opt.TLSConfig = nil
 	db := pg.Connect(opt)
 	defer db.Close()
 

diff --git a/messages.go b/messages.go
@@ -109,7 +109,7 @@ func enableSSL(cn *pool.Conn, tlsConf *tls.Config) error {
 		return err
 	}
 
-	b := make([]byte, 1)
+	b := cn.Buf[:1]
 	_, err := io.ReadFull(cn.NetConn, b)
 	if err != nil {
 		return err
@@ -118,13 +118,7 @@ func enableSSL(cn *pool.Conn, tlsConf *tls.Config) error {
 		return errSSLNotSupported
 	}
 
-	if tlsConf == nil {
-		tlsConf = &tls.Config{
-			InsecureSkipVerify: true,
-		}
-	}
-	cn.NetConn = tls.Client(cn.NetConn, tlsConf)
-
+	cn.SetNetConn(tls.Client(cn.NetConn, tlsConf))
 	return nil
 }