Use scram package from lib/pq

cyberark · Sep 14, 2023 · 719439d · 719439d
1 parent 454c154
commit 719439d
Show file tree

Hide file tree

Showing 7 changed files with 11 additions and 255 deletions.
diff --git a/go.mod b/go.mod
@@ -4,14 +4,14 @@ require (
 	github.com/aws/aws-sdk-go v1.44.0
 	github.com/cenkalti/backoff v2.2.1+incompatible
 	github.com/denisenkom/go-mssqldb v0.12.3
-	github.com/docker/docker v24.0.5+incompatible
+	github.com/docker/docker v20.10.17+incompatible
 	github.com/fsnotify/fsnotify v1.5.4
 	github.com/go-ozzo/ozzo-validation v3.6.0+incompatible
 	github.com/hashicorp/vault/api v1.7.2
 	github.com/heptiolabs/healthcheck v0.0.0-20211123025425-613501dd5deb
 	github.com/joho/godotenv v1.4.0
 	github.com/keybase/go-keychain v0.0.0-20220610143837-c2ce06069005
-	github.com/lib/pq v1.10.6
+	github.com/lib/pq v1.10.9
 	github.com/pkg/errors v0.9.1
 	github.com/pkg/profile v1.6.0
 	github.com/stretchr/testify v1.8.0

diff --git a/go.sum b/go.sum
@@ -143,8 +143,8 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/dgrijalva/jwt-go/v4 v4.0.0-preview1/go.mod h1:+hnT3ywWDTAFrW5aE+u2Sa/wT555ZqwoCS+pk3p6ry4=
 github.com/docker/distribution v2.8.1+incompatible h1:Q50tZOPR6T/hjNsyc9g8/syEs6bk8XXApsHjKukMl68=
 github.com/docker/distribution v2.8.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v24.0.5+incompatible h1:WmgcE4fxyI6EEXxBRxsHnZXrO1pQ3smi0k/jho4HLeY=
-github.com/docker/docker v24.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v20.10.17+incompatible h1:JYCuMrWaVNophQTOrMMoSwudOVEfcegoZZrleKc1xwE=
+github.com/docker/docker v20.10.17+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-units v0.4.0 h1:3uh0PgVws3nIA0Q+MwDC8yjEPf9zjRfZZWXZYDct3Tw=
@@ -415,8 +415,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/lib/pq v1.10.6 h1:jbk+ZieJ0D7EVGJYpL9QTz7/YW6UHbmdnZWYyK5cdBs=
-github.com/lib/pq v1.10.6/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
+github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
 github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
 github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=

diff --git a/internal/plugin/connectors/tcp/pg/protocol/auth.go b/internal/plugin/connectors/tcp/pg/protocol/auth.go
@@ -23,7 +23,7 @@ import (
 	"io"
 	"net"
 
-	"github.com/cyberark/secretless-broker/internal/plugin/connectors/tcp/pg/protocol/scram"
+	"github.com/lib/pq/scram"
 )
 
 // HandleAuthenticationRequest sends credentials to the server and reports whether they were accepted or not.

diff --git a/internal/plugin/connectors/tcp/pg/protocol/message.go b/internal/plugin/connectors/tcp/pg/protocol/message.go
@@ -62,13 +62,6 @@ func (message *MessageBuffer) ReadByte() (byte, error) {
 	return message.buffer.ReadByte()
 }
 
-func (message *MessageBuffer) Read(n int) ([]byte, error) {
-	readData := make([]byte, n)
-	_, err := message.buffer.Read(readData)
-	// TODO: what if the contents read are less than the slot ?
-	return readData, err
-}
-
 // ReadString reads a string from the message buffer.
 //
 // This function will read and return the next Null terminated string from the

diff --git a/internal/plugin/connectors/tcp/pg/protocol/scram/scram.go b/internal/plugin/connectors/tcp/pg/protocol/scram/scram.go
diff --git a/test/connector/tcp/pg/pg_hba.conf b/test/connector/tcp/pg/pg_hba.conf
@@ -1,10 +1,10 @@
 # TYPE  DATABASE        USER            ADDRESS                 METHOD
 
 # "local" is for Unix domain socket connections only
-local   all             all                                     md5
+local   all             all                                     scram-sha-256
 
 # "postgres" user from any host
-host    all             postgres         all                     md5
+host    all             postgres         all                     scram-sha-256
 
 # all other users with md5 password
-host    all             all              all                     md5
+host    all             all              all                     scram-sha-256
diff --git a/test/connector/tcp/pg/postgresql.conf b/test/connector/tcp/pg/postgresql.conf
@@ -93,7 +93,7 @@ max_connections = 100			# (change requires restart)
 # - Authentication -
 
 #authentication_timeout = 1min		# 1s-600s
-password_encryption = scram-sha-256 	# scram-sha-256 or md5
+password_encryption = scram-sha-256 # scram-sha-256 or md5
 
 #db_user_namespace = off
-Original file line number
+Diff line change
@@ Expand Up / @@ -23,7 +23,7 @@ import ( @@
     	"io"
     	"net"
-    	"github.com/cyberark/secretless-broker/internal/plugin/connectors/tcp/pg/protocol/scram"
+    	"github.com/lib/pq/scram"
     )
     // HandleAuthenticationRequest sends credentials to the server and reports whether they were accepted or not.
@@ Expand Down @@