Postgres tls/sslmode "verify-full" as default

[maab]

With this PR verify-full will be the default postgres sslmode instead of disable. A user then has to actively disable transport layer security. This improves security and hopefully awareness of users for it.

[iegomez]

Thanks, @maab!

I retargeted it to master because 2.0.0 was out of date and I'km gonna do the release anyway.

Never mind, I rebased that branch.

[iegomez]

Oh, forgot about one thing: this needs to get documented. Could you change the Readme to be explicit about it?

Also, I'll recreate the 2.0.0 branch.

[iegomez]

@maab would you be available to document the change? I can throw something in the readme if not.

[maab]

@maab would you be available to document the change? I can throw something in the readme if not.

Sorry for the late reply, I was on vacation. I'll block time to extend the readme next week.

[iegomez]

Sure, @maab, no rush. Sorry for bugging you on your vacation, hope you enjoyed your time off!

[maab]

Thank you @iegomez and absolutely no problem.

I've pushed a suggestion for a extension of the readme.

[iegomez]

Thanks, @maab!

I'll get it merged and release the new version later today.

[iegomez]

One question, @maab: is this passing tests? I'd think this test case would need to have ssl_mode explicitly set to disable to pass: https://github.com/iegomez/mosquitto-go-auth/blob/master/backends/postgres_test.go#L12

I'm out of the country and only have my work machine with me, which is not configured to either have working services for running tests, nor the Docker test script, so I can't reliably check.

[iegomez]

@maab I tried running test through Docker but there's something weird going on in this machine and I failed to do so.
So yeah, I'll have to ask you to run them to see if the test case needs to be adjusted for this default value change.

[maab]

Again, sorry for the late feedback. You're right, some of the tests failed because of the verify-full sslmode. I've fixed them by adding sslmode disable to the tests.

[iegomez]

@maab It takes me some times weeks to even respond, so no worries at all.
Thanks for checking and adjusting it, I've already merged and will release 2.0.0.