Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.
Sign upGitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
Allow to specify tls certificate path though DSN #926
Comments
|
Unlike pq, we choosed URL style for DSN. It's difficult to write path in config. From v1.5, I want to promote Connector interface instead of DSN. DSN is too complicated already. |
|
pq also have URL style for DSN, you can check it here: https://godoc.org/github.com/lib/pq example from docs: connStr := "postgres://pqgotest:password@localhost/pqgotest?sslmode=verify-full" |
Is it be able to specify certificate path easily, without |
|
I extracted the code from pq project to test it out and I see that you don't need to specify package main
import "fmt"
import nurl "net/url"
import "strings"
func main() {
url := "postgres://bob:secret@1.2.3.4:5432/mydb?sslrootcert=/test/root.crt"
u, _ := nurl.Parse(url)
var kvs []string
escaper := strings.NewReplacer(` `, `\ `, `'`, `\'`, `\`, `\\`)
accrue := func(k, v string) {
if v != "" {
kvs = append(kvs, k+"="+escaper.Replace(v))
}
}
q := u.Query()
for k := range q {
accrue(k, q.Get(k))
}
fmt.Println(q)
}Result: Playground: https://play.golang.org/p/FxM9doANUnI |
Feature request description
For now the only way to add TLS validation is though code with RegisterTLSConfig. With providing certificate path though DSN (like pq is doing it) all existing applications will receive TLS certificate validation out of the box without code changes. It will also help the applications that supports both pq and mysql as this will eliminate mysql-specific initialisation code before
sql.Open()call.