feat(ssl) new enabled property for SSL options.

Allow to enable SSL without hacing to necessarily verify the server certificate.
thibaultcha · Dec 14, 2015 · cbab03b · cbab03b
1 parent 4a56056
commit cbab03b
Show file tree

Hide file tree

Showing 5 changed files with 44 additions and 10 deletions.
diff --git a/spec/unit/options_spec.lua b/spec/unit/options_spec.lua
@@ -107,6 +107,19 @@ describe("options parsing", function()
       }))
       assert.equal("socket read_timeout must be a number", err)
     end)
+    it("should validate SSL options", function()
+      local options, err = parse_session {
+        ssl_options = ""
+      }
+      assert.equal("ssl_optios must be a table", err)
+
+      options, err = parse_session {
+        ssl_options = {
+          enabled = ""
+        }
+      }
+      assert.equal("ssl_optios.enabled must be a boolean", err)
+    end)
     it("should set `prepared_shm` to `shm` if nil", function()
       local options, err = parse_session {
         shm = "test"

diff --git a/spec/unit/utils_spec.lua b/spec/unit/utils_spec.lua
@@ -61,5 +61,15 @@ describe("table_utils", function()
       target = table_utils.extend_table(source, target)
       assert.False(target.source)
     end)
+    it("should ignore targets that are not tables", function()
+      local source = {foo = {bar = "foobar"}}
+      local target = {foo = "hello"}
+
+      assert.has_no_error(function()
+        target = table_utils.extend_table(source, target)
+      end)
+
+      assert.equal("hello", target.foo)
+    end)
   end)
 end)
diff --git a/src/cassandra.lua b/src/cassandra.lua
@@ -252,7 +252,7 @@ function Host:connect()
     return false, Errors.SocketError(self.address, err), true
   end
 
-  if self.options.ssl_options ~= nil then
+  if self.options.ssl_options.enabled then
     ok, err = do_ssl_handshake(self)
     if not ok then
       return false, Errors.SocketError(self.address, err)

diff --git a/src/cassandra/options.lua b/src/cassandra/options.lua
@@ -33,15 +33,16 @@ local DEFAULTS = {
   socket_options = {
     connect_timeout = 1000,
     read_timeout = 2000
-  }
+  },
   -- username = nil,
   -- password = nil,
-  -- ssl_options = {
-  --   key = nil,
-  --   certificate = nil,
-  --   ca = nil, -- stub
-  --   verify = false
-  -- }
+  ssl_options = {
+    enabled = false
+  -- key = nil,
+  -- certificate = nil,
+  -- ca = nil, -- stub
+  -- verify = false
+  }
 }
 
 local function parse_session(options, lvl)
@@ -112,6 +113,14 @@ local function parse_session(options, lvl)
     return nil, "socket read_timeout must be a number"
   end
 
+  if type(options.ssl_options) ~= "table" then
+    return nil, "ssl_options must be a table"
+  end
+
+  if type(options.ssl_options.enabled) ~= "boolean" then
+    return nil, "ssl_options.enabled must be a boolean"
+  end
+
   return options
 end
 

diff --git a/src/cassandra/utils/table.lua b/src/cassandra/utils/table.lua
@@ -1,21 +1,23 @@
 local setmetatable = setmetatable
 local getmetatable = getmetatable
+local table_remove = table.remove
 local tostring = tostring
+local ipairs = ipairs
 local pairs = pairs
 local type = type
 
 local _M = {}
 
 function _M.extend_table(...)
   local sources = {...}
-  local values = table.remove(sources)
+  local values = table_remove(sources)
 
   for _, source in ipairs(sources) do
     for k in pairs(source) do
       if values[k] == nil then
         values[k] = source[k]
       end
-      if type(source[k]) == "table" then
+      if type(source[k]) == "table" and type(values[k]) == "table" then
         _M.extend_table(source[k], values[k])
       end
     end