implement TLS options for SQLx databases

Edwin Svensson 2023-08-26 16:56:46 +02:00
parent 26a3f00f82
commit 2ee96ce7eb
No known key found for this signature in database
GPG Key ID: 7F9EC4DD0C67951F
4 changed files with 53 additions and 0 deletions

3
.gitignore vendored

@ -31,3 +31,6 @@ scripts/redirect.html
# Uploads in pastebin example. # Uploads in pastebin example.
examples/pastebin/upload/* examples/pastebin/upload/*
# Editor/IDE configurations
.vscode/


@ -22,6 +22,8 @@ sqlx_mysql = ["sqlx", "sqlx/mysql"]
sqlx_postgres = ["sqlx", "sqlx/postgres"] sqlx_postgres = ["sqlx", "sqlx/postgres"]
sqlx_sqlite = ["sqlx", "sqlx/sqlite"] sqlx_sqlite = ["sqlx", "sqlx/sqlite"]
sqlx_macros = ["sqlx/macros"] sqlx_macros = ["sqlx/macros"]
sqlx_native_tls = ["sqlx/tls-native-tls"]
sqlx_rustls = ["sqlx/tls-rustls"]
# diesel features # diesel features
diesel_postgres = ["diesel-async/postgres", "diesel-async/deadpool", "diesel", "deadpool"] diesel_postgres = ["diesel-async/postgres", "diesel-async/deadpool", "diesel", "deadpool"]
diesel_mysql = ["diesel-async/mysql", "diesel-async/deadpool", "diesel", "deadpool"] diesel_mysql = ["diesel-async/mysql", "diesel-async/deadpool", "diesel", "deadpool"]


@ -1,4 +1,5 @@
use rocket::serde::{Deserialize, Serialize}; use rocket::serde::{Deserialize, Serialize};
use std::path::PathBuf;
/// Base configuration for all database drivers. /// Base configuration for all database drivers.
/// ///
@ -36,6 +37,9 @@ use rocket::serde::{Deserialize, Serialize};
/// max_connections: 1024, /// max_connections: 1024,
/// connect_timeout: 3, /// connect_timeout: 3,
/// idle_timeout: None, /// idle_timeout: None,
/// ssl_root_cert: None,
/// ssl_client_cert: None,
/// ssl_client_key: None
/// })); /// }));
/// ///
/// rocket::custom(figment) /// rocket::custom(figment)
@ -80,4 +84,17 @@ pub struct Config {
/// ///
/// _Default:_ `None`. /// _Default:_ `None`.
pub idle_timeout: Option<u64>, pub idle_timeout: Option<u64>,
/// Sets the name of a file containing SSL certificate authority (CA) certificate(s).
/// If the file exists, the servers certificate will be verified to be signed by one of these authorities.
///
/// _Default:_ `None`.
pub ssl_root_cert: Option<PathBuf>,
/// Sets the name of a file containing SSL client certificate.
///
/// _Default:_ `None`.
pub ssl_client_cert: Option<PathBuf>,
/// Sets the name of a file containing SSL client key.
///
/// _Default:_ `None`.
pub ssl_client_key: Option<PathBuf>,
} }
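Review bot: The doc comment on `ssl_root_cert` promises that the server certificate will be verified whenever the file exists, but nothing in this commit selects a verifying SSL mode, so that sentence only holds if the connection URL already asks for verification (for example `sslmode=verify-full` for Postgres). I would reword it along the lines of `/// Path to a file of trusted CA certificates. Only enforced when the connection selects a verifying SSL mode.`. `Config` is documented as the base configuration for all database drivers, yet the only visible consumers of the three new fields are the sqlx Postgres and MySQL branches, so each field doc should say that the other drivers ignore it. It is also worth stating that a relative path is resolved against the process working directory, since a plain `PathBuf` carries no information about where the configuration file lives.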


@ -240,6 +240,37 @@ mod sqlx {
.busy_timeout(Duration::from_secs(__config.connect_timeout)) .busy_timeout(Duration::from_secs(__config.connect_timeout))
.create_if_missing(true); .create_if_missing(true);
} }
#[cfg(feature = "sqlx_postgres")]
if let Some(o) = __options.downcast_mut::<sqlx::postgres::PgConnectOptions>() {
if let Some(ref ssl_root_cert) = __config.ssl_root_cert {
*o = std::mem::take(o).ssl_root_cert(ssl_root_cert);
}
if let Some(ref ssl_client_cert) = __config.ssl_client_cert {
*o = std::mem::take(o).ssl_client_cert(ssl_client_cert);
}
if let Some(ref ssl_client_key) = __config.ssl_client_key {
*o = std::mem::take(o).ssl_client_key(ssl_client_key);
}
}
#[cfg(feature = "sqlx_mysql")]
if let Some(o) = __options.downcast_mut::<sqlx::mysql::MySqlConnectOptions>() {
if let Some(ref ssl_root_cert) = __config.ssl_root_cert {
*o = std::mem::take(o).ssl_ca(ssl_root_cert);
}
if let Some(ref ssl_client_cert) = __config.ssl_client_cert {
*o = std::mem::take(o).ssl_client_cert(ssl_client_cert);
}
if let Some(ref ssl_client_key) = __config.ssl_client_key {
*o = std::mem::take(o).ssl_client_key(ssl_client_key);
}
}
} }
#[rocket::async_trait] #[rocket::async_trait]
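Review bot: Both new branches pass the CA and client certificate paths to the driver but never call `ssl_mode`, so whether TLS is required and the server certificate checked is left to the URL or to the sqlx default. As far as I recall that default is opportunistic (`Prefer` for Postgres, `Preferred` for MySQL), which can fall back to an unencrypted connection and does not validate the certificate, so a configured `ssl_root_cert` would be silently unused. When `ssl_root_cert` is set I would either raise the mode explicitly, e.g. `*o = std::mem::take(o).ssl_root_cert(ssl_root_cert).ssl_mode(sqlx::postgres::PgSslMode::VerifyFull);` (and `MySqlSslMode::VerifyIdentity` in the MySQL branch), or expose the mode as a `Config` field and document the requirement. The same silent downgrade seems possible when neither `sqlx_native_tls` nor `sqlx_rustls` is enabled, so a warning or an error when any `ssl_*` field is set without a TLS feature would help. The enclosing function starts outside the hunk.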