Merge pull request #266 from sabracrolleton/master

Bugfix on ssl :try and new utility functions

CHANGELOG.md

@@ -1,3 +1,30 @@
+# Changelog v. 1.32.9
+Adds new utility functions
+
+- table-description-menu which allows you to pick and choose
+what table characteristics you want returned. See giant docstring for details.
+
+- get-schema-comment which takes a schema name and returns the schema comment
+as a string
+
+- list-check-constraints which takes a fully qualified table name and returns
+a list of lists of check constraints where each sublist has the form
+of (check-constraint-name check).
+
+Example: (list-check-constraints "s2.employees")
+(("employees_birth_date_check" "CHECK (birth_date > '1900-01-01'::date)")
+ ("employees_check" "CHECK (start_date > birth_date)")
+ ("employees_salary_check" "CHECK (salary > 0::numeric)"))
+
+Now exports
+get-column-comments (the parameter string has changed if you were using the internal version)
+get-all-table-comments
+
+Bug Fixes:
+
+Fixes a bug when trying to connect to a database using ssl. If the keyword :try was used,
+the connection would not fall back to non-ssl connections.
+
 # Changelog v. 1.32.8
 S-SQL Enhancements
 

ROADMAP.md

@@ -49,10 +49,6 @@ No guarantee is given with respect to resolution or timing on any item.
 - [ ]   Named Prepared Statement explicit arglist
 - [ ]   SQL Read Table Review (comments requested on any work that should be done here)
 - [ ]   Row Reader Review (comments requested on any work that should be done here)
-- [ ]   Prepared Query Review (comments requested on any work that should be done here)
-- [ ]   Reading large bytea column over ssl connection errors have been reported. Postgresql does not
-        have a chunk API so the network is handling the content as a whole.
-- [ ]   Alter system (postgresql 9.4)
 - [ ]   Allow parameters to be passed as binary to postgresql
 
 ## Connections/Reconnections and Transactions

cl-postgres/protocol.lisp

@@ -184,7 +184,7 @@ be matched against it."
        (setf socket (funcall make-ssl-stream socket
                              :key *ssl-key-file*
                              :certificate *ssl-certificate-file*
-                             :verify (if verify 
+                             :verify (if verify
                                          :required
                                          nil)
                              :hostname hostname)))
@@ -208,9 +208,14 @@ a condition."
         (client-initial-response nil)
         (expected-server-signature nil))
     (unless (eq use-ssl :no)
-      (setf socket (initiate-ssl socket (member use-ssl '(:require :yes :full))
-                                 (member use-ssl '(:yes :full))
-                                 (if (eq use-ssl :full) hostname))))
+      (if (eq use-ssl :try)
+              (let ((old-socket socket)
+                    (new-socket (initiate-ssl socket nil nil nil)))
+                (if new-socket (setf socket new-socket)
+                    (setf socket old-socket)))
+              (setf socket (initiate-ssl socket (member use-ssl '(:require :yes :full))
+                                  (member use-ssl '(:yes :full))
+                                  (if (eq use-ssl :full) hostname)))))
     (startup-message socket user database)
     (force-output socket)
     (labels ((init-gss-msg (in-buffer)
@@ -271,34 +276,27 @@ CL-GSS package is loaded."))
                              (ecase type
                                (0 (return))
                                (2 (error 'database-error
-                                         :message "Unsupported Kerberos
-authentication requested."))
+                                         :message "Unsupported Kerberos authentication requested."))
                                (3 (unless password
-                                    (error "Server requested plain-password
-authentication, but no password was given."))
+                                    (error "Server requested plain-password authentication, but no password was given."))
                                 (plain-password-message socket password)
                                 (force-output socket))
                                (4 (error 'database-error
-                                         :message "Unsupported crypt
-authentication requested."))
+                                         :message "Unsupported crypt authentication requested."))
                                (5 (unless password
-                                    (error "Server requested md5-password
-authentication, but no password was given."))
+                                    (error "Server requested md5-password authentication, but no password was given."))
                                 (md5-password-message socket password user
                                                       (read-bytes socket 4))
                                 (force-output socket))
                                (6 (error 'database-error
-                                         :message "Unsupported SCM
-authentication requested."))
+                                         :message "Unsupported SCM authentication requested."))
                                (7 (when gss-context
                                     (error 'database-error
-                                           :message "Got GSS init message when
-a context was already established"))
+                                           :message "Got GSS init message when a context was already established"))
                                 (init-gss-msg nil))
                                (8 (unless gss-context
                                     (error 'database-error
-                                           :message "Got GSS continuation
-message without a context"))
+                                           :message "Got GSS continuation message without a context"))
                                 (init-gss-msg (read-bytes socket (- size 4))))
                                (9 ) ; auth_required_sspi or auth_req_sspi sspi
                                     ;negotiate without wrap() see postgresql