Pg version includes ssl issue #764
Comments
|
Thanks for opening a new issue. The team has been notified and will review it as soon as possible. |
|
Yeah, that driver likes to break things, and I have been trying to shield My impression was that SSL issues cropped up with driver version 8.4.2, and not with 8.4.1. Therefore I'm surprised to hear you're having driver issues with the current version. Or maybe I misunderstood? How did you manage to see the issue to begin with, if the currently used driver is 8.4.1? I have just tried to update to the latest version of the driver straight up, but it appears to have broken more things, as some of my tests started to fail, so I rolled it back. Will have to revisit it later though. |
|
I'm seeing what I think is this issue, but it now seems to be affecting a way wider set of versions than pg-promise@10.7.3 pg@8.4.2. I've had a project happily using SSL client certs against a DB using pg-promise@10.5.2 for several months. Built a new component using the same connection code and credentials option (pulled in pg-promise@10.7.3), fails to connect with "error: connection requires a valid client certificate". Dropped back to 10.7.0, same issue. Dropped back to 10.5.2, which was working in the other project, same issue. Take the project that was running happily with 10.5.2, observe that it still is running happily. Nuke yarn.lock and node_modules to re-install all dependencies and the working 10.5.2 pg-promise project starts failing too. On inspection, this depends on 8.0.1 of pg. Drop both projects back to 10.4 pg-promise (7.18.1 of pg) and they both start working. I think there is an interaction with either a lose dependency in pg, or some sort of native component issue here (I'm not using pg-native to my knowledge). My connection options structure looks like: Oddly, if I call the pg connect method directly after setting the above credential object then this fails in the same way with 8.4.2, but is OK with 8.4.1. |
That might be related to this issue in the driver.
That'd odd, because the above issue started manifesting itself only with version 8.4.2, while
Yeah, I've observed similar issues locally here, just recently.
Well, that's at least something usable for the moment :) |
Didn't spot that because it was closed, would have saved myself a couple of hours if I had.
I think the issue is that pg 8 (even back to 8.0.1) pulls in pg-pool up to 3.2.2 which is the version that introduces the problem, so old versions will go mouldy if you re run yarn/npm install from scratch.
Now that I know what I know (thank you): Fixes it for me. |
|
@rjp44 Thank you for providing a temporary work-around. It seems that a good amount of work is now needed here...
|
|
I have published 10.7.4 as Beta, to be installed as: @rjp44 , @domosapien Please let me know guys where we stand with this update, before official release is considered. |
|
@vitaly-t Thanks for the update, I will attempt it tomorrow. It doesn't seem like the pg-pool has been fixed in the latest version of pg though, we will have to see. |
|
10.7.5-beta.0 added - another Beta update. To install, use: Later added 10.7.5-beta.1: |
|
@vitaly-t I just tried with beta.1 (and updated my other reference to 8.5.1) and it works just fine. |
|
@domosapien Thanks for the update. I will be releasing it then shortly. |
Expected behavior
Ssl properties are forwarded properly to db connection
Actual behavior
Server fails due to missing client cert
Steps to reproduce
Set up server to require client cert, pass ssl options.
It seems like there is a patched version of pg that mentions an ssl options forwarding bug, but when I attempted to update that and this to the latest it still fails. Reverting to 10.7.0 with pg 8.4.1 seems to work, but it held back some of the other of dependencies too.
Environment
The text was updated successfully, but these errors were encountered: