also disable ssl when connecting to pgsql using ip

2026-06-03 16:44:09 +02:00 · 2021-06-16 13:27:35 +02:00 · 2021-06-16 13:27:35 +02:00 · 26a212cb9b
commit 26a212cb9b
parent 87dd4c570b
5 changed files with 131 additions and 27 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,7 +1,7 @@
 [package]
 name = "nextcloud-config-parser"
 description = "Rust parser for nextcloud config files"
-version = "0.1.0"
+version = "0.2.0"
 authors = ["Robin Appelman <robin@icewind.nl>"]
 edition = "2018"
 license = "MIT OR Apache-2.0"
--- a/src/lib.rs
+++ b/src/lib.rs
@ -142,6 +142,7 @@ pub enum Database {
        username: String,
        password: String,
        connect: DbConnect,
+        disable_ssl: bool,
    },
 }

@ -156,7 +157,7 @@ impl From<Database> for sqlx::any::AnyConnectOptions {
    fn from(cfg: Database) -> Self {
        use sqlx::{
            mysql::{MySqlConnectOptions, MySqlSslMode},
-            postgres::PgConnectOptions,
+            postgres::{PgConnectOptions, PgSslMode},
            sqlite::SqliteConnectOptions,
        };

@ -193,11 +194,15 @@ impl From<Database> for sqlx::any::AnyConnectOptions {
                username,
                password,
                connect,
+                disable_ssl,
            } => {
                let mut options = PgConnectOptions::default()
                    .database(&database)
                    .username(&username)
                    .password(&password);
+                if disable_ssl {
+                    options = options.ssl_mode(PgSslMode::Disable);
+                }
                match connect {
                    DbConnect::Socket(socket) => {
                        options = options.socket(socket);
--- a/src/nc.rs
+++ b/src/nc.rs
@ -173,15 +173,22 @@ fn parse_db_options(parsed: &Value) -> Result<Database> {
        Some("pgsql") => {
            let username = parsed["dbuser"].as_str().ok_or(DbError::NoUsername)?;
            let password = parsed["dbpassword"].as_str().ok_or(DbError::NoPassword)?;
-            let mut connect = match split_host(parsed["dbhost"].as_str().unwrap_or_default()) {
-                (addr, None, None) => DbConnect::Tcp {
+            let (mut connect, disable_ssl) =
+                match split_host(parsed["dbhost"].as_str().unwrap_or_default()) {
+                    (addr, None, None) => (
+                        DbConnect::Tcp {
                            host: addr.into(),
                            port: 5432,
                        },
-                (addr, Some(port), None) => DbConnect::Tcp {
+                        IpAddr::from_str(addr).is_ok(),
+                    ),
+                    (addr, Some(port), None) => (
+                        DbConnect::Tcp {
                            host: addr.into(),
                            port,
                        },
+                        IpAddr::from_str(addr).is_ok(),
+                    ),
                    (_, None, Some(socket)) => {
                        let mut socket_path = Path::new(socket);

@ -193,7 +200,7 @@ fn parse_db_options(parsed: &Value) -> Result<Database> {
                        {
                            socket_path = socket_path.parent().unwrap();
                        }
-                    DbConnect::Socket(socket_path.into())
+                        (DbConnect::Socket(socket_path.into()), false)
                    }
                    (_, Some(_), Some(_)) => {
                        unreachable!()
@ -214,6 +221,7 @@ fn parse_db_options(parsed: &Value) -> Result<Database> {
                username: username.into(),
                password: password.into(),
                connect,
+                disable_ssl,
            })
        }
        Some("sqlite3") => {
@ -474,6 +482,7 @@ fn test_parse_postgres_socket() {
            username: "redacted".to_string(),
            password: "redacted".to_string(),
            connect: DbConnect::Socket("/var/run/postgresql".into()),
+            disable_ssl: false,
        },
        &config.database,
    );
@ -499,6 +508,7 @@ fn test_parse_postgres_socket_folder() {
            username: "redacted".to_string(),
            password: "redacted".to_string(),
            connect: DbConnect::Socket("/var/run/postgresql".into()),
+            disable_ssl: false,
        },
        &config.database,
    );
@ -592,3 +602,62 @@ fn test_parse_config_mysql_fqdn() {
        config.database.into(),
    );
 }
+
+#[test]
+fn test_parse_postgres_ip() {
+    let config = config_from_file("tests/configs/postgres_ip.php");
+    assert_debug_equal(
+        &Database::Postgres {
+            database: "nextcloud".to_string(),
+            username: "redacted".to_string(),
+            password: "redacted".to_string(),
+            connect: DbConnect::Tcp {
+                host: "1.2.3.4".to_string(),
+                port: 5432,
+            },
+            disable_ssl: true,
+        },
+        &config.database,
+    );
+    #[cfg(feature = "db-sqlx")]
+    assert_debug_equal(
+        AnyConnectOptions::from(
+            PgConnectOptions::new()
+                .host("1.2.3.4")
+                .username("redacted")
+                .password("redacted")
+                .database("nextcloud")
+                .ssl_mode(sqlx::postgres::PgSslMode::Disable),
+        ),
+        config.database.into(),
+    );
+}
+
+#[test]
+fn test_parse_postgres_fqdn() {
+    let config = config_from_file("tests/configs/postgres_fqdn.php");
+    assert_debug_equal(
+        &Database::Postgres {
+            database: "nextcloud".to_string(),
+            username: "redacted".to_string(),
+            password: "redacted".to_string(),
+            connect: DbConnect::Tcp {
+                host: "pg.example.com".to_string(),
+                port: 5432,
+            },
+            disable_ssl: false,
+        },
+        &config.database,
+    );
+    #[cfg(feature = "db-sqlx")]
+    assert_debug_equal(
+        AnyConnectOptions::from(
+            PgConnectOptions::new()
+                .host("pg.example.com")
+                .username("redacted")
+                .password("redacted")
+                .database("nextcloud"),
+        ),
+        config.database.into(),
+    );
+}
--- a/tests/configs/postgres_fqdn.php
+++ b/tests/configs/postgres_fqdn.php
@ -0,0 +1,15 @@
+<?php
+
+$CONFIG = [
+	'overwrite.cli.url' => 'https://cloud.example.com',
+	'dbtype' => 'pgsql',
+	'dbname' => 'nextcloud',
+	'dbhost' => 'pg.example.com',
+	'dbport' => '',
+	'dbtableprefix' => 'oc_',
+	'dbuser' => 'redacted',
+	'dbpassword' => 'redacted',
+	'redis' => [
+		'host' => 'localhost'
+	]
+];
--- a/tests/configs/postgres_ip.php
+++ b/tests/configs/postgres_ip.php
@ -0,0 +1,15 @@
+<?php
+
+$CONFIG = [
+	'overwrite.cli.url' => 'https://cloud.example.com',
+	'dbtype' => 'pgsql',
+	'dbname' => 'nextcloud',
+	'dbhost' => '1.2.3.4',
+	'dbport' => '',
+	'dbtableprefix' => 'oc_',
+	'dbuser' => 'redacted',
+	'dbpassword' => 'redacted',
+	'redis' => [
+		'host' => 'localhost'
+	]
+];