Merge pull request #7 from prisma/push-sztwulwxzrnp

Merge tokio-postgres 0.7.13

Author: aqrln

.github/workflows/ci.yml

@@ -73,16 +73,18 @@ jobs:
           path: target
           key: check-wasm32-target-${{ runner.os }}-${{ steps.rust-version.outputs.version }}-${{ hashFiles('Cargo.lock') }}
       - run: cargo check --target wasm32-unknown-unknown --manifest-path tokio-postgres/Cargo.toml --no-default-features --features js
+        env:
+          RUSTFLAGS: --cfg getrandom_backend="wasm_js"
 
   test:
     name: test
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - run: docker compose up -d
       - uses: sfackler/actions/rustup@master
         with:
-          version: 1.74.0
+          version: 1.81.0
       - run: echo "version=$(rustc --version)" >> $GITHUB_OUTPUT
         id: rust-version
       - uses: actions/cache@v3

docker-compose.yml

@@ -1,7 +1,7 @@
 version: '2'
 services:
   postgres:
-    image: postgres:14
+    image: docker.io/postgres:17
     ports:
       - 5433:5433
     volumes:

postgres-native-tls/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Change Log
 
+## v0.5.1 - 2025-02-02
+
+### Added
+
+* Added `set_postgresql_alpn`.
+
 ## v0.5.0 - 2020-12-25
 
 ### Changed

postgres-native-tls/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "postgres-native-tls"
-version = "0.5.0"
+version = "0.5.1"
 authors = ["Steven Fackler <[email protected]>"]
 edition = "2018"
 license = "MIT OR Apache-2.0"
@@ -17,7 +17,7 @@ runtime = ["tokio-postgres/runtime"]
 vendored-openssl = ["tokio-native-tls/vendored", "native-tls/vendored"]
 
 [dependencies]
-native-tls = "0.2"
+native-tls = { version = "0.2", features = ["alpn"] }
 tokio = "1.0"
 tokio-native-tls = "0.3"
 tokio-postgres = { version = "0.7.11", path = "../tokio-postgres", default-features = false }

postgres-native-tls/src/lib.rs

@@ -53,6 +53,7 @@
 //! ```
 #![warn(rust_2018_idioms, clippy::all, missing_docs)]
 
+use native_tls::TlsConnectorBuilder;
 use std::future::Future;
 use std::io;
 use std::pin::Pin;
@@ -180,3 +181,10 @@ where
         }
     }
 }
+
+/// Set ALPN for `TlsConnectorBuilder`
+///
+/// This is required when using `sslnegotiation=direct`
+pub fn set_postgresql_alpn(builder: &mut TlsConnectorBuilder) {
+    builder.request_alpns(&["postgresql"]);
+}

postgres-native-tls/src/test.rs

@@ -5,7 +5,7 @@ use tokio_postgres::tls::TlsConnect;
 
 #[cfg(feature = "runtime")]
 use crate::MakeTlsConnector;
-use crate::TlsConnector;
+use crate::{set_postgresql_alpn, TlsConnector};
 
 async fn smoke_test<T>(s: &str, tls: T)
 where
@@ -42,6 +42,21 @@ async fn require() {
     .await;
 }
 
+#[tokio::test]
+async fn direct() {
+    let mut builder = native_tls::TlsConnector::builder();
+    builder.add_root_certificate(
+        Certificate::from_pem(include_bytes!("../../test/server.crt")).unwrap(),
+    );
+    set_postgresql_alpn(&mut builder);
+    let connector = builder.build().unwrap();
+    smoke_test(
+        "user=ssl_user dbname=postgres sslmode=require sslnegotiation=direct",
+        TlsConnector::new(connector, "localhost"),
+    )
+    .await;
+}
+
 #[tokio::test]
 async fn prefer() {
     let connector = native_tls::TlsConnector::builder()

postgres-openssl/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Change Log
 
+## v0.5.1 - 2025-02-02
+
+### Added
+
+* Added `set_postgresql_alpn`.
+
 ## v0.5.0 - 2020-12-25
 
 ### Changed

postgres-openssl/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "postgres-openssl"
-version = "0.5.0"
+version = "0.5.1"
 authors = ["Steven Fackler <[email protected]>"]
 edition = "2018"
 license = "MIT OR Apache-2.0"

postgres-openssl/src/lib.rs

@@ -53,7 +53,7 @@ use openssl::hash::MessageDigest;
 use openssl::nid::Nid;
 #[cfg(feature = "runtime")]
 use openssl::ssl::SslConnector;
-use openssl::ssl::{self, ConnectConfiguration, SslRef};
+use openssl::ssl::{self, ConnectConfiguration, SslConnectorBuilder, SslRef};
 use openssl::x509::X509VerifyResult;
 use std::error::Error;
 use std::fmt::{self, Debug};
@@ -250,3 +250,10 @@ fn tls_server_end_point(ssl: &SslRef) -> Option<Vec<u8>> {
     };
     cert.digest(md).ok().map(|b| b.to_vec())
 }
+
+/// Set ALPN for `SslConnectorBuilder`
+///
+/// This is required when using `sslnegotiation=direct`
+pub fn set_postgresql_alpn(builder: &mut SslConnectorBuilder) -> Result<(), ErrorStack> {
+    builder.set_alpn_protos(b"\x0apostgresql")
+}

postgres-openssl/src/test.rs

@@ -37,6 +37,19 @@ async fn require() {
     .await;
 }
 
+#[tokio::test]
+async fn direct() {
+    let mut builder = SslConnector::builder(SslMethod::tls()).unwrap();
+    builder.set_ca_file("../test/server.crt").unwrap();
+    set_postgresql_alpn(&mut builder).unwrap();
+    let ctx = builder.build();
+    smoke_test(
+        "user=ssl_user dbname=postgres sslmode=require sslnegotiation=direct",
+        TlsConnector::new(ctx.configure().unwrap(), "localhost"),
+    )
+    .await;
+}
+
 #[tokio::test]
 async fn prefer() {
     let mut builder = SslConnector::builder(SslMethod::tls()).unwrap();