pg - npm Package Compare versions
Comparing version 7.8.2 to 7.9.0
@@ -7,2 +7,6 @@ All major and minor releases are briefly explained below. | ||
| ### 7.9.0 | ||
| - Add support for [sasl/scram authentication](https://github.com/brianc/node-postgres/pull/1835). | ||
| ### 7.8.0 | ||
@@ -9,0 +13,0 @@ |
@@ -13,2 +13,3 @@ 'use strict' | ||
| var utils = require('./utils') | ||
| var sasl = require('./sasl') | ||
| var pgPass = require('pgpass') | ||
@@ -130,2 +131,24 @@ var TypeOverrides = require('./type-overrides') | ||
| // password request handling (SASL) | ||
| var saslSession | ||
| con.on('authenticationSASL', checkPgPass(function (msg) { | ||
| saslSession = sasl.startSession(msg.mechanisms) | ||
| con.sendSASLInitialResponseMessage(saslSession.mechanism, saslSession.response) | ||
| })) | ||
| // password request handling (SASL) | ||
| con.on('authenticationSASLContinue', function (msg) { | ||
| sasl.continueSession(saslSession, self.password, msg.data) | ||
| con.sendSCRAMClientFinalMessage(saslSession.response) | ||
| }) | ||
| // password request handling (SASL) | ||
| con.on('authenticationSASLFinal', function (msg) { | ||
| sasl.finalizeSession(saslSession, msg.data) | ||
| saslSession = null | ||
| }) | ||
| con.once('backendKeyData', function (msg) { | ||
@@ -132,0 +155,0 @@ self.processID = msg.processID |
@@ -194,2 +194,20 @@ 'use strict' | ||
| Connection.prototype.sendSASLInitialResponseMessage = function (mechanism, initialResponse) { | ||
| // 0x70 = 'p' | ||
| this.writer | ||
| .addCString(mechanism) | ||
| .addInt32(Buffer.byteLength(initialResponse)) | ||
| .addString(initialResponse) | ||
| this._send(0x70) | ||
| } | ||
| Connection.prototype.sendSCRAMClientFinalMessage = function (additionalData) { | ||
| // 0x70 = 'p' | ||
| this.writer | ||
| .addString(additionalData) | ||
| this._send(0x70) | ||
| } | ||
| Connection.prototype._send = function (code, more) { | ||
@@ -425,21 +443,49 @@ if (!this.stream.writable) { | ||
| Connection.prototype.parseR = function (buffer, length) { | ||
| var code = 0 | ||
| var code = this.parseInt32(buffer) | ||
| var msg = new Message('authenticationOk', length) | ||
| if (msg.length === 8) { | ||
| code = this.parseInt32(buffer) | ||
| if (code === 3) { | ||
| msg.name = 'authenticationCleartextPassword' | ||
| } | ||
| return msg | ||
| } | ||
| if (msg.length === 12) { | ||
| code = this.parseInt32(buffer) | ||
| if (code === 5) { // md5 required | ||
| msg.name = 'authenticationMD5Password' | ||
| msg.salt = Buffer.alloc(4) | ||
| buffer.copy(msg.salt, 0, this.offset, this.offset + 4) | ||
| this.offset += 4 | ||
| switch (code) { | ||
| case 0: // AuthenticationOk | ||
| return msg | ||
| } | ||
| case 3: // AuthenticationCleartextPassword | ||
| if (msg.length === 8) { | ||
| msg.name = 'authenticationCleartextPassword' | ||
| return msg | ||
| } | ||
| break | ||
| case 5: // AuthenticationMD5Password | ||
| if (msg.length === 12) { | ||
| msg.name = 'authenticationMD5Password' | ||
| msg.salt = Buffer.alloc(4) | ||
| buffer.copy(msg.salt, 0, this.offset, this.offset + 4) | ||
| this.offset += 4 | ||
| return msg | ||
| } | ||
| break | ||
| case 10: // AuthenticationSASL | ||
| msg.name = 'authenticationSASL' | ||
| msg.mechanisms = [] | ||
| do { | ||
| var mechanism = this.parseCString(buffer) | ||
| if (mechanism) { | ||
| msg.mechanisms.push(mechanism) | ||
| } | ||
| } while (mechanism) | ||
| return msg | ||
| case 11: // AuthenticationSASLContinue | ||
| msg.name = 'authenticationSASLContinue' | ||
| msg.data = this.readString(buffer, length - 4) | ||
| return msg | ||
| case 12: // AuthenticationSASLFinal | ||
| msg.name = 'authenticationSASLFinal' | ||
| msg.data = this.readString(buffer, length - 4) | ||
| return msg | ||
| } | ||
| throw new Error('Unknown authenticationOk message type' + util.inspect(msg)) | ||
@@ -446,0 +492,0 @@ } |
| { | ||
| "name": "pg", | ||
| "version": "7.8.2", | ||
| "version": "7.9.0", | ||
| "description": "PostgreSQL client - pure javascript & libpq with the same API", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -5,2 +5,3 @@ node-postgres is made possible by the helpful contributors from the community well as the following generous supporters on [Patreon](https://www.patreon.com/node_postgres). | ||
| - [MadKudu](https://www.madkudu.com) - [@madkudu](https://twitter.com/madkudu) | ||
| - [Third Iron](https://thirdiron.com/) | ||
@@ -7,0 +8,0 @@ # Supporters |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by5.58%
94178
- Lines of code
- increased by8.11%
2227