pg 8.8.0 → 8.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +1 -12
  2. package/lib/client.js +21 -8
  3. package/lib/connection.js +5 -4
  4. package/lib/native/client.js +0 -1
  5. package/lib/sasl.js +4 -12
  6. package/package.json +4 -4
package/README.md CHANGED
@@ -46,18 +46,7 @@ You can also follow me [@briancarlson](https://twitter.com/briancarlson) if that
46
46
 
47
47
  ## Sponsorship :two_hearts:
48
48
 
49
- node-postgres's continued development has been made possible in part by generous finanical support from [the community](https://github.com/brianc/node-postgres/blob/master/SPONSORS.md) and these featured sponsors:
50
-
51
- <div align="center">
52
- <a href="https://crate.io" target="_blank">
53
- <img height="80" src="https://node-postgres.com/crate-io.png" />
54
- </a>
55
-
56
- <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAABCAQAAAB0m0auAAAADElEQVR42mNkIBIAAABSAAI2VLqiAAAAAElFTkSuQmCC" />
57
- <a href="https://www.eaze.com" target="_blank">
58
- <img height="80" src="https://node-postgres.com/eaze.png" />
59
- </a>
60
- </div>
49
+ node-postgres's continued development has been made possible in part by generous finanical support from [the community](https://github.com/brianc/node-postgres/blob/master/SPONSORS.md).
61
50
 
62
51
  If you or your company are benefiting from node-postgres and would like to help keep the project financially sustainable [please consider supporting](https://github.com/sponsors/brianc) its development.
63
52
 
package/lib/client.js CHANGED
@@ -1,7 +1,6 @@
1
1
  'use strict'
2
2
 
3
3
  var EventEmitter = require('events').EventEmitter
4
- var util = require('util')
5
4
  var utils = require('./utils')
6
5
  var sasl = require('./sasl')
7
6
  var pgPass = require('pgpass')
@@ -38,6 +37,7 @@ class Client extends EventEmitter {
38
37
  this._Promise = c.Promise || global.Promise
39
38
  this._types = new TypeOverrides(c.types)
40
39
  this._ending = false
40
+ this._ended = false
41
41
  this._connecting = false
42
42
  this._connected = false
43
43
  this._connectionError = false
@@ -133,6 +133,7 @@ class Client extends EventEmitter {
133
133
 
134
134
  clearTimeout(this.connectionTimeoutHandle)
135
135
  this._errorAllQueries(error)
136
+ this._ended = true
136
137
 
137
138
  if (!this._ending) {
138
139
  // if the connection is ended without us calling .end()
@@ -248,19 +249,31 @@ class Client extends EventEmitter {
248
249
 
249
250
  _handleAuthSASL(msg) {
250
251
  this._checkPgPass(() => {
251
- this.saslSession = sasl.startSession(msg.mechanisms)
252
- this.connection.sendSASLInitialResponseMessage(this.saslSession.mechanism, this.saslSession.response)
252
+ try {
253
+ this.saslSession = sasl.startSession(msg.mechanisms)
254
+ this.connection.sendSASLInitialResponseMessage(this.saslSession.mechanism, this.saslSession.response)
255
+ } catch (err) {
256
+ this.connection.emit('error', err)
257
+ }
253
258
  })
254
259
  }
255
260
 
256
261
  _handleAuthSASLContinue(msg) {
257
- sasl.continueSession(this.saslSession, this.password, msg.data)
258
- this.connection.sendSCRAMClientFinalMessage(this.saslSession.response)
262
+ try {
263
+ sasl.continueSession(this.saslSession, this.password, msg.data)
264
+ this.connection.sendSCRAMClientFinalMessage(this.saslSession.response)
265
+ } catch (err) {
266
+ this.connection.emit('error', err)
267
+ }
259
268
  }
260
269
 
261
270
  _handleAuthSASLFinal(msg) {
262
- sasl.finalizeSession(this.saslSession, msg.data)
263
- this.saslSession = null
271
+ try {
272
+ sasl.finalizeSession(this.saslSession, msg.data)
273
+ this.saslSession = null
274
+ } catch (err) {
275
+ this.connection.emit('error', err)
276
+ }
264
277
  }
265
278
 
266
279
  _handleBackendKeyData(msg) {
@@ -592,7 +605,7 @@ class Client extends EventEmitter {
592
605
  this._ending = true
593
606
 
594
607
  // if we have never connected, then end is a noop, callback immediately
595
- if (!this.connection._connecting) {
608
+ if (!this.connection._connecting || this._ended) {
596
609
  if (cb) {
597
610
  cb()
598
611
  } else {
package/lib/connection.js CHANGED
@@ -14,7 +14,12 @@ class Connection extends EventEmitter {
14
14
  constructor(config) {
15
15
  super()
16
16
  config = config || {}
17
+
17
18
  this.stream = config.stream || new net.Socket()
19
+ if (typeof this.stream === 'function') {
20
+ this.stream = this.stream(config)
21
+ }
22
+
18
23
  this._keepAlive = config.keepAlive
19
24
  this._keepAliveInitialDelayMillis = config.keepAliveInitialDelayMillis
20
25
  this.lastBuffer = false
@@ -103,9 +108,6 @@ class Connection extends EventEmitter {
103
108
  }
104
109
 
105
110
  attachListeners(stream) {
106
- stream.on('end', () => {
107
- this.emit('end')
108
- })
109
111
  parse(stream, (msg) => {
110
112
  var eventName = msg.name === 'error' ? 'errorMessage' : msg.name
111
113
  if (this._emitMessage) {
@@ -173,7 +175,6 @@ class Connection extends EventEmitter {
173
175
 
174
176
  sync() {
175
177
  this._ending = true
176
- this._send(flushBuffer)
177
178
  this._send(syncBuffer)
178
179
  }
179
180
 
package/lib/native/client.js CHANGED
@@ -3,7 +3,6 @@
3
3
  // eslint-disable-next-line
4
4
  var Native = require('pg-native')
5
5
  var TypeOverrides = require('../type-overrides')
6
- var pkg = require('../../package.json')
7
6
  var EventEmitter = require('events').EventEmitter
8
7
  var util = require('util')
9
8
  var ConnectionParameters = require('../connection-parameters')
package/lib/sasl.js CHANGED
@@ -23,6 +23,9 @@ function continueSession(session, password, serverData) {
23
23
  if (typeof password !== 'string') {
24
24
  throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string')
25
25
  }
26
+ if (password === '') {
27
+ throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a non-empty string')
28
+ }
26
29
  if (typeof serverData !== 'string') {
27
30
  throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: serverData must be a string')
28
31
  }
@@ -37,7 +40,7 @@ function continueSession(session, password, serverData) {
37
40
 
38
41
  var saltBytes = Buffer.from(sv.salt, 'base64')
39
42
 
40
- var saltedPassword = Hi(password, saltBytes, sv.iteration)
43
+ var saltedPassword = crypto.pbkdf2Sync(password, saltBytes, sv.iteration, 32, 'sha256')
41
44
 
42
45
  var clientKey = hmacSha256(saltedPassword, 'Client Key')
43
46
  var storedKey = sha256(clientKey)
@@ -191,17 +194,6 @@ function hmacSha256(key, msg) {
191
194
  return crypto.createHmac('sha256', key).update(msg).digest()
192
195
  }
193
196
 
194
- function Hi(password, saltBytes, iterations) {
195
- var ui1 = hmacSha256(password, Buffer.concat([saltBytes, Buffer.from([0, 0, 0, 1])]))
196
- var ui = ui1
197
- for (var i = 0; i < iterations - 1; i++) {
198
- ui1 = hmacSha256(password, ui1)
199
- ui = xorBuffers(ui, ui1)
200
- }
201
-
202
- return ui
203
- }
204
-
205
197
  module.exports = {
206
198
  startSession,
207
199
  continueSession,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "pg",
3
- "version": "8.8.0",
3
+ "version": "8.10.0",
4
4
  "description": "PostgreSQL client - pure javascript & libpq with the same API",
5
5
  "keywords": [
6
6
  "database",
@@ -23,8 +23,8 @@
23
23
  "buffer-writer": "2.0.0",
24
24
  "packet-reader": "1.0.0",
25
25
  "pg-connection-string": "^2.5.0",
26
- "pg-pool": "^3.5.2",
27
- "pg-protocol": "^1.5.0",
26
+ "pg-pool": "^3.6.0",
27
+ "pg-protocol": "^1.6.0",
28
28
  "pg-types": "^2.1.0",
29
29
  "pgpass": "1.x"
30
30
  },
@@ -53,5 +53,5 @@
53
53
  "engines": {
54
54
  "node": ">= 8.0.0"
55
55
  },
56
- "gitHead": "c99fb2c127ddf8d712500db2c7b9a5491a178655"
56
+ "gitHead": "ee302cbcf10437e34fd05d70fc003c357b14c654"
57
57
  }