Comparing version 7.8.2 to 7.9.0
@@ -7,2 +7,6 @@ All major and minor releases are briefly explained below. | ||
### 7.9.0 | ||
- Add support for [sasl/scram authentication](https://github.com/brianc/node-postgres/pull/1835). | ||
### 7.8.0 | ||
@@ -9,0 +13,0 @@ |
@@ -13,2 +13,3 @@ 'use strict' | ||
var utils = require('./utils') | ||
var sasl = require('./sasl') | ||
var pgPass = require('pgpass') | ||
@@ -130,2 +131,24 @@ var TypeOverrides = require('./type-overrides') | ||
// password request handling (SASL) | ||
var saslSession | ||
con.on('authenticationSASL', checkPgPass(function (msg) { | ||
saslSession = sasl.startSession(msg.mechanisms) | ||
con.sendSASLInitialResponseMessage(saslSession.mechanism, saslSession.response) | ||
})) | ||
// password request handling (SASL) | ||
con.on('authenticationSASLContinue', function (msg) { | ||
sasl.continueSession(saslSession, self.password, msg.data) | ||
con.sendSCRAMClientFinalMessage(saslSession.response) | ||
}) | ||
// password request handling (SASL) | ||
con.on('authenticationSASLFinal', function (msg) { | ||
sasl.finalizeSession(saslSession, msg.data) | ||
saslSession = null | ||
}) | ||
con.once('backendKeyData', function (msg) { | ||
@@ -132,0 +155,0 @@ self.processID = msg.processID |
@@ -194,2 +194,20 @@ 'use strict' | ||
Connection.prototype.sendSASLInitialResponseMessage = function (mechanism, initialResponse) { | ||
// 0x70 = 'p' | ||
this.writer | ||
.addCString(mechanism) | ||
.addInt32(Buffer.byteLength(initialResponse)) | ||
.addString(initialResponse) | ||
this._send(0x70) | ||
} | ||
Connection.prototype.sendSCRAMClientFinalMessage = function (additionalData) { | ||
// 0x70 = 'p' | ||
this.writer | ||
.addString(additionalData) | ||
this._send(0x70) | ||
} | ||
Connection.prototype._send = function (code, more) { | ||
@@ -425,21 +443,49 @@ if (!this.stream.writable) { | ||
Connection.prototype.parseR = function (buffer, length) { | ||
var code = 0 | ||
var code = this.parseInt32(buffer) | ||
var msg = new Message('authenticationOk', length) | ||
if (msg.length === 8) { | ||
code = this.parseInt32(buffer) | ||
if (code === 3) { | ||
msg.name = 'authenticationCleartextPassword' | ||
} | ||
return msg | ||
} | ||
if (msg.length === 12) { | ||
code = this.parseInt32(buffer) | ||
if (code === 5) { // md5 required | ||
msg.name = 'authenticationMD5Password' | ||
msg.salt = Buffer.alloc(4) | ||
buffer.copy(msg.salt, 0, this.offset, this.offset + 4) | ||
this.offset += 4 | ||
switch (code) { | ||
case 0: // AuthenticationOk | ||
return msg | ||
} | ||
case 3: // AuthenticationCleartextPassword | ||
if (msg.length === 8) { | ||
msg.name = 'authenticationCleartextPassword' | ||
return msg | ||
} | ||
break | ||
case 5: // AuthenticationMD5Password | ||
if (msg.length === 12) { | ||
msg.name = 'authenticationMD5Password' | ||
msg.salt = Buffer.alloc(4) | ||
buffer.copy(msg.salt, 0, this.offset, this.offset + 4) | ||
this.offset += 4 | ||
return msg | ||
} | ||
break | ||
case 10: // AuthenticationSASL | ||
msg.name = 'authenticationSASL' | ||
msg.mechanisms = [] | ||
do { | ||
var mechanism = this.parseCString(buffer) | ||
if (mechanism) { | ||
msg.mechanisms.push(mechanism) | ||
} | ||
} while (mechanism) | ||
return msg | ||
case 11: // AuthenticationSASLContinue | ||
msg.name = 'authenticationSASLContinue' | ||
msg.data = this.readString(buffer, length - 4) | ||
return msg | ||
case 12: // AuthenticationSASLFinal | ||
msg.name = 'authenticationSASLFinal' | ||
msg.data = this.readString(buffer, length - 4) | ||
return msg | ||
} | ||
throw new Error('Unknown authenticationOk message type' + util.inspect(msg)) | ||
@@ -446,0 +492,0 @@ } |
{ | ||
"name": "pg", | ||
"version": "7.8.2", | ||
"version": "7.9.0", | ||
"description": "PostgreSQL client - pure javascript & libpq with the same API", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -5,2 +5,3 @@ node-postgres is made possible by the helpful contributors from the community well as the following generous supporters on [Patreon](https://www.patreon.com/node_postgres). | ||
- [MadKudu](https://www.madkudu.com) - [@madkudu](https://twitter.com/madkudu) | ||
- [Third Iron](https://thirdiron.com/) | ||
@@ -7,0 +8,0 @@ # Supporters |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
94178
2227