pg

package

v0.2.0 Latest Latest Go to latest Published: Feb 29, 2024 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/mothership/rds-auth-proxy

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func Connect(host string, mode SSLMode, cert *tls.Certificate, rootCert *x509.Certificate) (net.Conn, error)
func UpgradeClient(hostPort string, connection net.Conn, mode SSLMode, cert *tls.Certificate, ...) (net.Conn, error)
func UpgradeServer(client net.Conn, cert *tls.Certificate) net.Conn
type AuthFailedError
- func (a *AuthFailedError) Error() string
type Backend
type BackendOption
type Frontend
type FrontendOption
type PostgresBackend
- func NewBackend(conn net.Conn, opts ...BackendOption) (*PostgresBackend, error)
type PostgresFrontend
- func NewFrontend(conn net.Conn, opts ...FrontendOption) (*PostgresFrontend, error)
type SSLMode
type SendOnlyBackend
type SendOnlyFrontend

Constants ¶

View Source

const (
	// SSLDisabled only tries a non-SSL connection
	SSLDisabled SSLMode = "disable"
	// SSLAllow first try a non-SSL connection, if that fails, tries an SSL connection
	// XXX: Not allowed at this time
	SSLAllow = "allow"
	// SSLPreferred is like allow, but tries an SSL connection first -- default behavior of psql
	SSLPreferred = "preferred"
	// SSLRequired only tries an SSL connection. If a root CA file is present, verify the certificate in the same way as if verify-ca was specified
	SSLRequired = "require"
	// SSLVerifyCA only tries an SSL connection, and verifies that the server certificate is issued by a trusted CA.
	SSLVerifyCA = "verify-ca"
	// SSLVerifyFull only tries an SSL connection, verifies that the server certificate is issued by a trusted CA and that
	// the server hostname matches that in the certificate.
	SSLVerifyFull = "verify-full"
)

View Source

const GSSENCecNotAllowed byte = 'N'

View Source

const SSLAllowed byte = 'S'

View Source

const SSLNotAllowed byte = 'N'

Variables ¶

This section is empty.

Functions ¶

func Connect ¶

func Connect(host string, mode SSLMode, cert *tls.Certificate, rootCert *x509.Certificate) (net.Conn, error)

Connect connects to an upstream database

func UpgradeClient ¶

func UpgradeClient(hostPort string, connection net.Conn, mode SSLMode, cert *tls.Certificate, rootCert *x509.Certificate) (net.Conn, error)

UpgradeClient upgrades a client connection with SSL

func UpgradeServer ¶

func UpgradeServer(client net.Conn, cert *tls.Certificate) net.Conn

UpgradeServer upgrades a server connection with SSL

Types ¶

type AuthFailedError ¶

type AuthFailedError struct {
	ErrMsg *pgproto3.ErrorResponse
}

func (*AuthFailedError) Error ¶

func (a *AuthFailedError) Error() string

type Backend ¶

type Backend interface {
	io.Closer
	Send(msg pgproto3.BackendMessage) error
	SendRaw([]byte) error
	Receive() (pgproto3.FrontendMessage, error)
	ReceiveRaw() ([]byte, error)
}

Backend acts as the postgres front-end client (ex: psql)

type BackendOption ¶

type BackendOption func(f *PostgresBackend) error

BackendOption allows us to specify options

type Frontend ¶

type Frontend interface {
	io.Closer
	Send(msg pgproto3.FrontendMessage) error
	SendRaw([]byte) error
	Receive() (pgproto3.BackendMessage, error)
	ReceiveRaw() ([]byte, error)
}

Frontend acts as the postgres front-end client (ex: psql)

type FrontendOption ¶

type FrontendOption func(f *PostgresFrontend) error

FrontendOption allows us to specify options

type PostgresBackend ¶

type PostgresBackend struct {
	IdleTimeout time.Duration
	// contains filtered or unexported fields
}

PostgresBackend implements a postgres backend client

func NewBackend ¶

func NewBackend(conn net.Conn, opts ...BackendOption) (*PostgresBackend, error)

NewBackend returns a new postgres backend

func (*PostgresBackend) Close ¶

func (b *PostgresBackend) Close() error

Close closes the underlying connection

func (*PostgresBackend) Receive ¶

func (b *PostgresBackend) Receive() (pgproto3.FrontendMessage, error)

Receive accepts a message from the backend, or errors if nothing is read within the idle timeout. Returns io.ErrUnexpectedEOF if the connection has been closed.

func (*PostgresBackend) ReceiveRaw ¶

func (b *PostgresBackend) ReceiveRaw() ([]byte, error)

ReceiveRaw accepts a message from the backend, or errors if nothing is read within the idle timeout. Returns io.ErrUnexpectedEOF if the connection has been closed.

func (*PostgresBackend) Send ¶

func (b *PostgresBackend) Send(msg pgproto3.BackendMessage) error

Send sends a backend message to the backend

func (*PostgresBackend) SendRaw ¶

func (b *PostgresBackend) SendRaw(msg []byte) error

SendRaw sends arbitrary bytes to a backend

func (*PostgresBackend) SetupConnection ¶

func (b *PostgresBackend) SetupConnection(cert *tls.Certificate) (map[string]string, error)

SetupConnection sets up an inbound connection and extracts the login information This will always return the existing connection, unless it had to upgrade to an SSL connection.

type PostgresFrontend ¶

type PostgresFrontend struct {
	IdleTimeout time.Duration
	// contains filtered or unexported fields
}

PostgresFrontend implements a postgres frontend client

func NewFrontend ¶

func NewFrontend(conn net.Conn, opts ...FrontendOption) (*PostgresFrontend, error)

NewFrontend returns a new postgres frontend

func (*PostgresFrontend) Close ¶

func (b *PostgresFrontend) Close() error

Close closes the underlying connection

func (*PostgresFrontend) HandleAuthenticationRequest ¶

func (f *PostgresFrontend) HandleAuthenticationRequest(username, password string) error

func (*PostgresFrontend) Receive ¶

func (f *PostgresFrontend) Receive() (pgproto3.BackendMessage, error)

Receive accepts a message from the backend, or errors if nothing is read within the idle timeout. Returns io.ErrUnexpectedEOF if the connection has been closed.

func (*PostgresFrontend) ReceiveRaw ¶

func (f *PostgresFrontend) ReceiveRaw() ([]byte, error)

ReceiveRaw accepts a message from the backend, or errors if nothing is read within the idle timeout. Returns io.ErrUnexpectedEOF if the connection has been closed.

func (*PostgresFrontend) Send ¶

func (f *PostgresFrontend) Send(msg pgproto3.FrontendMessage) error

Send sends a frontend message to the backend

func (*PostgresFrontend) SendRaw ¶

func (f *PostgresFrontend) SendRaw(b []byte) error

SendRaw sends arbitrary bytes to a backend

type SSLMode ¶

type SSLMode string

SSLMode is the type of SSL required https://www.postgresql.org/docs/8.4/libpq-connect.html#LIBPQ-CONNECT-SSLMODE

type SendOnlyBackend ¶ added in v0.2.0

type SendOnlyBackend interface {
	Send(msg pgproto3.BackendMessage) error
}

SendOnlyBackend allows only the send operation to be accessed for network safety

type SendOnlyFrontend ¶ added in v0.2.0

type SendOnlyFrontend interface {
	Send(msg pgproto3.FrontendMessage) error
}

SendOnlyFrontend allows only the send operation to be accessed for network safety

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL