pg 8.11.0 → 8.11.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/lib/client.js +5 -0
  2. package/lib/crypto/utils-webcrypto.js +83 -0
  3. package/lib/crypto/utils.js +2 -85
  4. package/lib/native/client.js +5 -0
  5. package/package.json +5 -5
package/lib/client.js CHANGED
@@ -520,6 +520,11 @@ class Client extends EventEmitter {
520
520
  if (!query.callback) {
521
521
  result = new this._Promise((resolve, reject) => {
522
522
  query.callback = (err, res) => (err ? reject(err) : resolve(res))
523
+ }).catch(err => {
524
+ // replace the stack trace that leads to `TCP.onStreamRead` with one that leads back to the
525
+ // application that created the query
526
+ Error.captureStackTrace(err);
527
+ throw err;
523
528
  })
524
529
  }
525
530
  }
package/lib/crypto/utils-webcrypto.js ADDED
@@ -0,0 +1,83 @@
1
+ const nodeCrypto = require('crypto')
2
+
3
+ module.exports = {
4
+ postgresMd5PasswordHash,
5
+ randomBytes,
6
+ deriveKey,
7
+ sha256,
8
+ hmacSha256,
9
+ md5,
10
+ }
11
+
12
+ /**
13
+ * The Web Crypto API - grabbed from the Node.js library or the global
14
+ * @type Crypto
15
+ */
16
+ const webCrypto = nodeCrypto.webcrypto || globalThis.crypto
17
+ /**
18
+ * The SubtleCrypto API for low level crypto operations.
19
+ * @type SubtleCrypto
20
+ */
21
+ const subtleCrypto = webCrypto.subtle
22
+ const textEncoder = new TextEncoder()
23
+
24
+ /**
25
+ *
26
+ * @param {*} length
27
+ * @returns
28
+ */
29
+ function randomBytes(length) {
30
+ return webCrypto.getRandomValues(Buffer.alloc(length))
31
+ }
32
+
33
+ async function md5(string) {
34
+ try {
35
+ return nodeCrypto.createHash('md5').update(string, 'utf-8').digest('hex')
36
+ } catch (e) {
37
+ // `createHash()` failed so we are probably not in Node.js, use the WebCrypto API instead.
38
+ // Note that the MD5 algorithm on WebCrypto is not available in Node.js.
39
+ // This is why we cannot just use WebCrypto in all environments.
40
+ const data = typeof string === 'string' ? textEncoder.encode(string) : string
41
+ const hash = await subtleCrypto.digest('MD5', data)
42
+ return Array.from(new Uint8Array(hash))
43
+ .map((b) => b.toString(16).padStart(2, '0'))
44
+ .join('')
45
+ }
46
+ }
47
+
48
+ // See AuthenticationMD5Password at https://www.postgresql.org/docs/current/static/protocol-flow.html
49
+ async function postgresMd5PasswordHash(user, password, salt) {
50
+ var inner = await md5(password + user)
51
+ var outer = await md5(Buffer.concat([Buffer.from(inner), salt]))
52
+ return 'md5' + outer
53
+ }
54
+
55
+ /**
56
+ * Create a SHA-256 digest of the given data
57
+ * @param {Buffer} data
58
+ */
59
+ async function sha256(text) {
60
+ return await subtleCrypto.digest('SHA-256', text)
61
+ }
62
+
63
+ /**
64
+ * Sign the message with the given key
65
+ * @param {ArrayBuffer} keyBuffer
66
+ * @param {string} msg
67
+ */
68
+ async function hmacSha256(keyBuffer, msg) {
69
+ const key = await subtleCrypto.importKey('raw', keyBuffer, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
70
+ return await subtleCrypto.sign('HMAC', key, textEncoder.encode(msg))
71
+ }
72
+
73
+ /**
74
+ * Derive a key from the password and salt
75
+ * @param {string} password
76
+ * @param {Uint8Array} salt
77
+ * @param {number} iterations
78
+ */
79
+ async function deriveKey(password, salt, iterations) {
80
+ const key = await subtleCrypto.importKey('raw', textEncoder.encode(password), 'PBKDF2', false, ['deriveBits'])
81
+ const params = { name: 'PBKDF2', hash: 'SHA-256', salt: salt, iterations: iterations }
82
+ return await subtleCrypto.deriveBits(params, key, 32 * 8, ['deriveBits'])
83
+ }
package/lib/crypto/utils.js CHANGED
@@ -4,89 +4,6 @@ const useLegacyCrypto = parseInt(process.versions && process.versions.node && pr
4
4
  if (useLegacyCrypto) {
5
5
  // We are on an old version of Node.js that requires legacy crypto utilities.
6
6
  module.exports = require('./utils-legacy')
7
- return
8
- }
9
-
10
- const nodeCrypto = require('crypto')
11
-
12
- module.exports = {
13
- postgresMd5PasswordHash,
14
- randomBytes,
15
- deriveKey,
16
- sha256,
17
- hmacSha256,
18
- md5,
19
- }
20
-
21
- /**
22
- * The Web Crypto API - grabbed from the Node.js library or the global
23
- * @type Crypto
24
- */
25
- const webCrypto = nodeCrypto.webcrypto || globalThis.crypto
26
- /**
27
- * The SubtleCrypto API for low level crypto operations.
28
- * @type SubtleCrypto
29
- */
30
- const subtleCrypto = webCrypto.subtle
31
- const textEncoder = new TextEncoder()
32
-
33
- /**
34
- *
35
- * @param {*} length
36
- * @returns
37
- */
38
- function randomBytes(length) {
39
- return webCrypto.getRandomValues(Buffer.alloc(length))
40
- }
41
-
42
- async function md5(string) {
43
- try {
44
- return nodeCrypto.createHash('md5').update(string, 'utf-8').digest('hex')
45
- } catch (e) {
46
- // `createHash()` failed so we are probably not in Node.js, use the WebCrypto API instead.
47
- // Note that the MD5 algorithm on WebCrypto is not available in Node.js.
48
- // This is why we cannot just use WebCrypto in all environments.
49
- const data = typeof string === 'string' ? textEncoder.encode(string) : string
50
- const hash = await subtleCrypto.digest('MD5', data)
51
- return Array.from(new Uint8Array(hash))
52
- .map((b) => b.toString(16).padStart(2, '0'))
53
- .join('')
54
- }
55
- }
56
-
57
- // See AuthenticationMD5Password at https://www.postgresql.org/docs/current/static/protocol-flow.html
58
- async function postgresMd5PasswordHash(user, password, salt) {
59
- var inner = await md5(password + user)
60
- var outer = await md5(Buffer.concat([Buffer.from(inner), salt]))
61
- return 'md5' + outer
62
- }
63
-
64
- /**
65
- * Create a SHA-256 digest of the given data
66
- * @param {Buffer} data
67
- */
68
- async function sha256(text) {
69
- return await subtleCrypto.digest('SHA-256', text)
70
- }
71
-
72
- /**
73
- * Sign the message with the given key
74
- * @param {ArrayBuffer} keyBuffer
75
- * @param {string} msg
76
- */
77
- async function hmacSha256(keyBuffer, msg) {
78
- const key = await subtleCrypto.importKey('raw', keyBuffer, { name: 'HMAC', hash: 'SHA-256' }, false, ['sign'])
79
- return await subtleCrypto.sign('HMAC', key, textEncoder.encode(msg))
80
- }
81
-
82
- /**
83
- * Derive a key from the password and salt
84
- * @param {string} password
85
- * @param {Uint8Array} salt
86
- * @param {number} iterations
87
- */
88
- async function deriveKey(password, salt, iterations) {
89
- const key = await subtleCrypto.importKey('raw', textEncoder.encode(password), 'PBKDF2', false, ['deriveBits'])
90
- const params = { name: 'PBKDF2', hash: 'SHA-256', salt: salt, iterations: iterations }
91
- return await subtleCrypto.deriveBits(params, key, 32 * 8, ['deriveBits'])
7
+ } else {
8
+ module.exports = require('./utils-webcrypto');
92
9
  }
package/lib/native/client.js CHANGED
@@ -35,6 +35,7 @@ var Client = (module.exports = function (config) {
35
35
  // keep these on the object for legacy reasons
36
36
  // for the time being. TODO: deprecate all this jazz
37
37
  var cp = (this.connectionParameters = new ConnectionParameters(config))
38
+ if (config.nativeConnectionString) cp.nativeConnectionString = config.nativeConnectionString
38
39
  this.user = cp.user
39
40
 
40
41
  // "hiding" the password so it doesn't show up in stack traces
@@ -88,6 +89,7 @@ Client.prototype._connect = function (cb) {
88
89
  this._connecting = true
89
90
 
90
91
  this.connectionParameters.getLibpqConnectionString(function (err, conString) {
92
+ if (self.connectionParameters.nativeConnectionString) conString = self.connectionParameters.nativeConnectionString
91
93
  if (err) return cb(err)
92
94
  self.native.connect(conString, function (err) {
93
95
  if (err) {
@@ -172,6 +174,9 @@ Client.prototype.query = function (config, values, callback) {
172
174
  result = new this._Promise((resolve, reject) => {
173
175
  resolveOut = resolve
174
176
  rejectOut = reject
177
+ }).catch(err => {
178
+ Error.captureStackTrace(err);
179
+ throw err;
175
180
  })
176
181
  query.callback = (err, res) => (err ? rejectOut(err) : resolveOut(res))
177
182
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pg",
3
- "version": "8.11.0",
3
+ "version": "8.11.2",
4
4
  "description": "PostgreSQL client - pure javascript & libpq with the same API",
5
5
  "keywords": [
6
6
  "database",
@@ -22,8 +22,8 @@
22
22
  "dependencies": {
23
23
  "buffer-writer": "2.0.0",
24
24
  "packet-reader": "1.0.0",
25
- "pg-connection-string": "^2.6.0",
26
- "pg-pool": "^3.6.0",
25
+ "pg-connection-string": "^2.6.2",
26
+ "pg-pool": "^3.6.1",
27
27
  "pg-protocol": "^1.6.0",
28
28
  "pg-types": "^2.1.0",
29
29
  "pgpass": "1.x"
@@ -39,7 +39,7 @@
39
39
  "wrangler": "^2.16.0"
40
40
  },
41
41
  "optionalDependencies": {
42
- "pg-cloudflare": "^1.1.0"
42
+ "pg-cloudflare": "^1.1.1"
43
43
  },
44
44
  "peerDependencies": {
45
45
  "pg-native": ">=3.0.1"
@@ -60,5 +60,5 @@
60
60
  "engines": {
61
61
  "node": ">= 8.0.0"
62
62
  },
63
- "gitHead": "14b840e96e57fc0617b5c4758f6318f774148ee4"
63
+ "gitHead": "a2a355a6807bf75d92d7f0cb0f219588811a5356"
64
64
  }