Comments (4)
I'm guessing to do this, I'll need to change the functor to use Conduit: https://github.com/mirage/ocaml-conduit
from pgx.
I'm wondering if it's possible to ignore this in the main functor and handle it entire in Pgx_async / Pgx_lwt /etc. We'll have to make sure there's reasonable error handling though.
from pgx.
Using Conduit was surprisingly easy:
diff --git a/pgx_async.opam b/pgx_async.opam
index e9dbcfe..8f9e4b8 100644
--- a/pgx_async.opam
+++ b/pgx_async.opam
@@ -12,8 +12,10 @@ depends: [
"dune" {>= "1.11"}
"alcotest-async" {with-test & >= "1.0.0"}
"async_kernel" {>= "v0.13.0"}
+ "async_ssl"
"async_unix" {>= "v0.13.0"}
"base64" {with-test & >= "3.0.0"}
+ "conduit-async"
"ocaml" {>= "4.08"}
"pgx" {= version}
"pgx_value_core" {= version}
diff --git a/pgx_async/src/dune b/pgx_async/src/dune
index 5e63847..e361930 100644
--- a/pgx_async/src/dune
+++ b/pgx_async/src/dune
@@ -11,6 +11,6 @@ let () = Jbuild_plugin.V1.send @@ {|
(library
(public_name pgx_async)
(wrapped false)
- (libraries async_kernel async_unix pgx_value_core)
+ (libraries async_kernel async_unix conduit-async pgx_value_core)
|} ^ preprocess ^ {|)
|}
diff --git a/pgx_async/src/pgx_async.ml b/pgx_async/src/pgx_async.ml
index 7aec8ae..27c954e 100644
--- a/pgx_async/src/pgx_async.ml
+++ b/pgx_async/src/pgx_async.ml
@@ -73,19 +73,13 @@ module Thread = struct
let close_in = Reader.close
let open_connection sockaddr =
- let get_reader_writer socket =
- let fd = Socket.fd socket in
- Reader.create fd, Writer.create fd
- in
match sockaddr with
- | Unix path ->
- let unix_sockaddr = Tcp.Where_to_connect.of_unix_address (`Unix path) in
- Tcp.connect_sock unix_sockaddr >>| get_reader_writer
+ | Unix path -> Conduit_async.connect (`Unix_domain_socket path)
| Inet (host, port) ->
- let inet_sockaddr =
- Tcp.Where_to_connect.of_host_and_port (Host_and_port.create ~host ~port)
- in
- Tcp.connect_sock inet_sockaddr >>| get_reader_writer
+ Uri.make ~scheme:"tcp" ~host ~port ()
+ |> Conduit_async.V3.resolve_uri
+ >>= Conduit_async.V3.connect
+ >>| fun (_socket, in_channel, out_channel) -> in_channel, out_channel
;;
(* The unix getlogin syscall can fail *)
Unfortunately, if I switch the scheme to "https" (to trick it into trying to use TLS), I get errors like:
[exception] (monitor.ml.Error
("attempt to use closed writer"
((file_descr 12) (info (writer async_conduit_ssl_writer)) (kind Fifo)))
("Raised at Base__Error.raise in file "src/error.ml" (inlined), line 8, characters 14-30"
"Called from Base__Error.raise_s in file "src/error.ml", line 9, characters 19-40"
"Called from Async_unix__Writer0.write_char in file "src/writer0.ml" (inlined), line 1594, characters 2-20"
"Called from Pgx_async.Thread.output_binary_int in file "pgx_async/src/pgx_async.ml", line 38, characters 4-40"
"Called from Pgx.Make.send_message.(fun) in file "pgx/src/pgx.ml", line 448, characters 4-30"
"Called from Async_kernel__Deferred0.bind.(fun) in file "src/deferred0.ml", line 54, characters 64-69"
"Called from Async_kernel__Job_queue.run_jobs in file "src/job_queue.ml", line 167, characters 6-47"))
Raised at Base__Error.raise in file "src/error.ml" (inlined), line 8, characters 14-30
Called from Base__Error.raise_s in file "src/error.ml", line 9, characters 19-40
Called from Async_unix__Writer0.write_char in file "src/writer0.ml" (inlined), line 1594, characters 2-20
Called from Pgx_async.Thread.output_binary_int in file "pgx_async/src/pgx_async.ml", line 38, characters 4-40
Called from Pgx.Make.send_message.(fun) in file "pgx/src/pgx.ml", line 448, characters 4-30
Called from Async_kernel__Deferred0.bind.(fun) in file "src/deferred0.ml", line 54, characters 64-69
Called from Async_kernel__Job_queue.run_jobs in file "src/job_queue.ml", line 167, characters 6-47
I'm having trouble finding documentation, but I suspect Postgres is using startls and Conduit wants normal TLS.
from pgx.
Here's the Postgres documentation for doing TLS: https://www.postgresql.org/docs/9.3/protocol-flow.html#AEN100021
Essentially we need to:
- Send an SSLRequest message
- Wait for a single byte from the server ('S' or 'N')
- If the byte was 'S', upgrade the current connection to use TLS. If the byte was 'N' just continue to the next step.
- Continue the normal setup
from pgx.
Related Issues (20)
- Module name clash HOT 1
- Support connection service file HOT 1
- Remove Pgx_async_test from the public API
- Pgx_eof errors are hard to debug HOT 1
- Support TLS for Pgx_lwt_unix
- Support PG* environment variables for TLS configuration HOT 1
- Nested Transactions
- More guards around transactions
- Server hangs up during authentication HOT 5
- Support SASL and SCRAM-SHA-256
- Any ORM suite for OCaml , working with pgx together?
- Use BINARY mode for results HOT 1
- Wrong clause number in LGPL special exception
- Deprecated `Stream` module HOT 1
- unix_domain_socket_dir HOT 1
- Add Date and Time Pgx.Values for Lwt backend HOT 4
- Run dune-release lint in CI HOT 1
- Build in CI with `-p` argument HOT 1
- Add Pgx_value_ptime with ptime converters HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pgx.