@forestadmin/datasource-sql 1.6.2 → 1.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/connection/index.js +20 -5
- package/package.json +1 -1
package/dist/connection/index.js
CHANGED
|
@@ -7,7 +7,7 @@ const sequelize_1 = require("sequelize");
|
|
|
7
7
|
const preprocess_1 = __importDefault(require("./preprocess"));
|
|
8
8
|
const reverse_proxy_1 = __importDefault(require("./reverse-proxy"));
|
|
9
9
|
const utils_1 = require("./utils");
|
|
10
|
-
function getSslConfiguration(dialect, sslMode, logger) {
|
|
10
|
+
function getSslConfiguration(dialect, sslMode, servername, logger) {
|
|
11
11
|
switch (dialect) {
|
|
12
12
|
case 'mariadb':
|
|
13
13
|
if (sslMode === 'disabled')
|
|
@@ -36,10 +36,18 @@ function getSslConfiguration(dialect, sslMode, logger) {
|
|
|
36
36
|
case 'postgres':
|
|
37
37
|
if (sslMode === 'disabled')
|
|
38
38
|
return { ssl: false };
|
|
39
|
+
// Pass servername to the net.tlsSocket constructor.
|
|
40
|
+
// This is done so that
|
|
41
|
+
// - Certificate verification still work when using a proxy server to reach the db (we are
|
|
42
|
+
// forced to use a tcp reverse proxy because some drivers do not support them)
|
|
43
|
+
// - Providers which use SNI to route requests to the correct database still work (most
|
|
44
|
+
// notably neon.tech).
|
|
45
|
+
// Note that we should either do that for the other vendors (if possible), or
|
|
46
|
+
// replace the reverse proxy by a forward proxy (when supported).
|
|
39
47
|
if (sslMode === 'required')
|
|
40
|
-
return { ssl: { require: true, rejectUnauthorized: false } };
|
|
48
|
+
return { ssl: { require: true, rejectUnauthorized: false, servername } };
|
|
41
49
|
if (sslMode === 'verify')
|
|
42
|
-
return { ssl: { require: true, rejectUnauthorized: true } };
|
|
50
|
+
return { ssl: { require: true, rejectUnauthorized: true, servername } };
|
|
43
51
|
break;
|
|
44
52
|
case 'db2':
|
|
45
53
|
case 'oracle':
|
|
@@ -58,6 +66,13 @@ async function connect(uriOrOptions, logger) {
|
|
|
58
66
|
let sequelize;
|
|
59
67
|
try {
|
|
60
68
|
let options = await (0, preprocess_1.default)(uriOrOptions);
|
|
69
|
+
let servername;
|
|
70
|
+
try {
|
|
71
|
+
servername = options?.host ?? new URL(options.uri).hostname;
|
|
72
|
+
}
|
|
73
|
+
catch {
|
|
74
|
+
// don't crash if using unix socket, sqlite, etc...
|
|
75
|
+
}
|
|
61
76
|
if (options.proxySocks) {
|
|
62
77
|
proxy = new reverse_proxy_1.default(options);
|
|
63
78
|
await proxy.start();
|
|
@@ -68,7 +83,7 @@ async function connect(uriOrOptions, logger) {
|
|
|
68
83
|
const logging = logger ? (0, utils_1.getLogger)(logger) : false;
|
|
69
84
|
opts.dialectOptions = {
|
|
70
85
|
...(opts.dialectOptions ?? {}),
|
|
71
|
-
...getSslConfiguration(opts.dialect, sslMode, logger),
|
|
86
|
+
...getSslConfiguration(opts.dialect, sslMode, servername, logger),
|
|
72
87
|
};
|
|
73
88
|
sequelize = uri
|
|
74
89
|
? new sequelize_1.Sequelize(uri, { ...opts, schema, logging })
|
|
@@ -92,4 +107,4 @@ async function connect(uriOrOptions, logger) {
|
|
|
92
107
|
}
|
|
93
108
|
}
|
|
94
109
|
exports.default = connect;
|
|
95
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
110
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY29ubmVjdGlvbi9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUdBLHlDQUErQztBQUUvQyw4REFBNkM7QUFDN0Msb0VBQTJDO0FBQzNDLG1DQUFxRTtBQUVyRSxTQUFTLG1CQUFtQixDQUMxQixPQUFnQixFQUNoQixPQUFnQixFQUNoQixVQUFtQixFQUNuQixNQUFlO0lBRWYsUUFBUSxPQUFPLEVBQUU7UUFDZixLQUFLLFNBQVM7WUFDWixJQUFJLE9BQU8sS0FBSyxVQUFVO2dCQUFFLE9BQU8sRUFBRSxHQUFHLEVBQUUsS0FBSyxFQUFFLENBQUM7WUFDbEQsSUFBSSxPQUFPLEtBQUssVUFBVTtnQkFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEVBQUUsa0JBQWtCLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FBQztZQUMxRSxJQUFJLE9BQU8sS0FBSyxRQUFRO2dCQUFFLE9BQU8sRUFBRSxHQUFHLEVBQUUsSUFBSSxFQUFFLENBQUM7WUFDL0MsTUFBTTtRQUVSLEtBQUssT0FBTztZQUNWLElBQUksT0FBTyxLQUFLLFVBQVU7Z0JBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsRUFBRSxDQUFDO1lBQ25FLElBQUksT0FBTyxLQUFLLFVBQVU7Z0JBQ3hCLE9BQU8sRUFBRSxPQUFPLEVBQUUsRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLHNCQUFzQixFQUFFLElBQUksRUFBRSxFQUFFLENBQUM7WUFDdEUsSUFBSSxPQUFPLEtBQUssUUFBUTtnQkFDdEIsT0FBTyxFQUFFLE9BQU8sRUFBRSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsc0JBQXNCLEVBQUUsS0FBSyxFQUFFLEVBQUUsQ0FBQztZQUN2RSxNQUFNO1FBRVIsS0FBSyxPQUFPO1lBQ1YsSUFBSSxPQUFPLEtBQUssVUFBVTtnQkFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEtBQUssRUFBRSxDQUFDO1lBQ2xELElBQUksT0FBTyxLQUFLLFVBQVU7Z0JBQUUsT0FBTyxFQUFFLEdBQUcsRUFBRSxFQUFFLGtCQUFrQixFQUFFLEtBQUssRUFBRSxFQUFFLENBQUM7WUFDMUUsSUFBSSxPQUFPLEtBQUssUUFBUTtnQkFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEVBQUUsa0JBQWtCLEVBQUUsSUFBSSxFQUFFLEVBQUUsQ0FBQztZQUN2RSxNQUFNO1FBRVIsS0FBSyxVQUFVO1lBQ2IsSUFBSSxPQUFPLEtBQUssVUFBVTtnQkFBRSxPQUFPLEVBQUUsR0FBRyxFQUFFLEtBQUssRUFBRSxDQUFDO1lBRWxELG9EQUFvRDtZQUVwRCx1QkFBdUI7WUFDdkIsMEZBQTBGO1lBQzFGLGdGQUFnRjtZQUNoRix1RkFBdUY7WUFDdkYsd0JBQXdCO1lBRXhCLDZFQUE2RTtZQUM3RSxpRUFBaUU7WUFDakUsSUFBSSxPQUFPLEtBQUssVUFBVTtnQkFDeEIsT0FBTyxFQUFFLEdBQUcsRUFBRSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsa0JBQWtCLEVBQUUsS0FBSyxFQUFFLFVBQVUsRUFBRSxFQUFFLENBQUM7WUFDM0UsSUFBSSxPQUFPLEtBQUssUUFBUTtnQkFDdEIsT0FBTyxFQUFFLEdBQUcsRUFBRSxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsa0JBQWtCLEVBQUUsSUFBSSxFQUFFLFVBQVUsRUFBRSxFQUFFLENBQUM7WUFDMUUsTUFBTTtRQUVSLEtBQUssS0FBSyxDQUFDO1FBQ1gsS0FBSyxRQUFRLENBQUM7UUFDZCxLQUFLLFdBQVcsQ0FBQztRQUNqQixLQUFLLFFBQVEsQ0FBQztRQUNkO1lBQ0UsSUFBSSxPQUFPLElBQUksT0FBTyxLQUFLLFFBQVEsRUFBRTtnQkFDbkMsTUFBTSxFQUFFLENBQUMsTUFBTSxFQUFFLG9CQUFvQixPQUFPLHVCQUF1QixPQUFPLEdBQUcsQ0FBQyxDQUFDO2FBQ2hGO1lBRUQsT0FBTyxFQUFFLENBQUM7S0FDYjtBQUNILENBQUM7QUFFRCx5Q0FBeUM7QUFDMUIsS0FBSyxVQUFVLE9BQU8sQ0FDbkMsWUFBK0IsRUFDL0IsTUFBZTtJQUVmLElBQUksS0FBK0IsQ0FBQztJQUNwQyxJQUFJLFNBQWdDLENBQUM7SUFFckMsSUFBSTtRQUNGLElBQUksT0FBTyxHQUFHLE1BQU0sSUFBQSxvQkFBaUIsRUFBQyxZQUFZLENBQUMsQ0FBQztRQUNwRCxJQUFJLFVBQWtCLENBQUM7UUFFdkIsSUFBSTtZQUNGLFVBQVUsR0FBRyxPQUFPLEVBQUUsSUFBSSxJQUFJLElBQUksR0FBRyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsQ0FBQyxRQUFRLENBQUM7U0FDN0Q7UUFBQyxNQUFNO1lBQ04sbURBQW1EO1NBQ3BEO1FBRUQsSUFBSSxPQUFPLENBQUMsVUFBVSxFQUFFO1lBQ3RCLEtBQUssR0FBRyxJQUFJLHVCQUFZLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDbEMsTUFBTSxLQUFLLENBQUMsS0FBSyxFQUFFLENBQUM7WUFDcEIsT0FBTyxHQUFHLEtBQUssQ0FBQyxpQkFBaUIsQ0FBQztTQUNuQztRQUVELE1BQU0sRUFBRSxHQUFHLEVBQUUsT0FBTyxFQUFFLEdBQUcsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDO1FBQzFDLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxNQUFNLElBQUksSUFBQSxpQkFBUyxFQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQzdDLE1BQU0sT0FBTyxHQUFHLE1BQU0sQ0FBQyxDQUFDLENBQUMsSUFBQSxpQkFBUyxFQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUM7UUFFbkQsSUFBSSxDQUFDLGNBQWMsR0FBRztZQUNwQixHQUFHLENBQUMsSUFBSSxDQUFDLGNBQWMsSUFBSSxFQUFFLENBQUM7WUFDOUIsR0FBRyxtQkFBbUIsQ0FBQyxJQUFJLENBQUMsT0FBTyxFQUFFLE9BQU8sRUFBRSxVQUFVLEVBQUUsTUFBTSxDQUFDO1NBQ2xFLENBQUM7UUFFRixTQUFTLEdBQUcsR0FBRztZQUNiLENBQUMsQ0FBQyxJQUFJLHFCQUFTLENBQUMsR0FBRyxFQUFFLEVBQUUsR0FBRyxJQUFJLEVBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxDQUFDO1lBQ2xELENBQUMsQ0FBQyxJQUFJLHFCQUFTLENBQUMsRUFBRSxHQUFHLElBQUksRUFBRSxNQUFNLEVBQUUsT0FBTyxFQUFFLENBQUMsQ0FBQztRQUVoRCxvRUFBb0U7UUFDcEUsU0FBUyxDQUFDLEtBQUssR0FBRyxLQUFLLFVBQVUsS0FBSztZQUNwQyxJQUFJO2dCQUNGLE1BQU0scUJBQVMsQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQzthQUM1QztvQkFBUztnQkFDUixNQUFNLEtBQUssRUFBRSxJQUFJLEVBQUUsQ0FBQzthQUNyQjtRQUNILENBQUMsQ0FBQztRQUVGLE1BQU0sU0FBUyxDQUFDLFlBQVksRUFBRSxDQUFDLENBQUMsa0JBQWtCO1FBRWxELE9BQU8sU0FBUyxDQUFDO0tBQ2xCO0lBQUMsT0FBTyxDQUFDLEVBQUU7UUFDVixNQUFNLFNBQVMsRUFBRSxLQUFLLEVBQUUsQ0FBQztRQUN6QixvRkFBb0Y7UUFDcEYsSUFBQSw0QkFBb0IsRUFBQyxLQUFLLEVBQUUsS0FBSyxJQUFLLENBQVcsQ0FBQyxDQUFDO0tBQ3BEO0FBQ0gsQ0FBQztBQXJERCwwQkFxREMifQ==
|