|
16 | 16 | use Bolt\connection\StreamSocket; |
17 | 17 | use Exception; |
18 | 18 | use function explode; |
19 | | -use const FILTER_VALIDATE_IP; |
20 | | -use function filter_var; |
21 | 19 | use Laudis\Neo4j\Bolt\BoltDriver; |
| 20 | +use Laudis\Neo4j\Common\TransactionHelper; |
22 | 21 | use Laudis\Neo4j\Common\Uri; |
23 | 22 | use Laudis\Neo4j\Contracts\AuthenticateInterface; |
24 | 23 | use Laudis\Neo4j\Contracts\ConnectionPoolInterface; |
@@ -57,50 +56,39 @@ public function acquire(UriInterface $uri, AccessMode $mode, AuthenticateInterfa |
57 | 56 | $table = $this->routingTable($uri, $authenticate); |
58 | 57 | $server = $this->getNextServer($table, $mode); |
59 | 58 |
|
60 | | - $socket = $this->pool->acquire(Uri::create($server), $mode, $authenticate); |
| 59 | + $socket = $this->pool->acquire($server, $mode, $authenticate); |
61 | 60 |
|
62 | 61 | $scheme = $uri->getScheme(); |
63 | 62 | $explosion = explode('+', $scheme, 2); |
64 | 63 | $sslConfig = $explosion[1] ?? ''; |
65 | 64 |
|
66 | 65 | if (str_starts_with('s', $sslConfig)) { |
67 | | - $this->enableSsl($server, $sslConfig, $socket, $uri); |
| 66 | + // We have to pass a different host when working with ssl on aura. |
| 67 | + // There is a strange behaviour where if we pass the uri host on a single |
| 68 | + // instance aura deployment, we need to pass the original uri for the |
| 69 | + // ssl configuration to be valid. |
| 70 | + if ($table->getWithRole()->count() > 1) { |
| 71 | + TransactionHelper::enableSsl($server->getHost(), $sslConfig, $socket); |
| 72 | + } else { |
| 73 | + TransactionHelper::enableSsl($uri->getHost(), $sslConfig, $socket); |
| 74 | + } |
68 | 75 | } |
69 | 76 |
|
70 | 77 | return $socket; |
71 | 78 | } |
72 | 79 |
|
73 | | - private function enableSsl(string $host, string $sslConfig, StreamSocket $sock, UriInterface $uri): void |
74 | | - { |
75 | | - // Pass a standard option to enable ssl as there is no direct flag |
76 | | - // and \Bolt\Bolt only turns on ssl if an option is passed. |
77 | | - $options = [ |
78 | | - 'verify_peer' => true, |
79 | | - 'peer_name' => $uri->getHost(), |
80 | | - ]; |
81 | | - if (!filter_var($host, FILTER_VALIDATE_IP)) { |
82 | | - $options['SNI_enabled'] = true; |
83 | | - } |
84 | | - if ($sslConfig === 's') { |
85 | | - $sock->setSslContextOptions($options); |
86 | | - } elseif ($sslConfig === 'ssc') { |
87 | | - $options['allow_self_signed'] = true; |
88 | | - $sock->setSslContextOptions($options); |
89 | | - } |
90 | | - } |
91 | | - |
92 | 80 | /** |
93 | 81 | * @throws Exception |
94 | 82 | */ |
95 | | - private function getNextServer(RoutingTable $table, AccessMode $mode): string |
| 83 | + private function getNextServer(RoutingTable $table, AccessMode $mode): Uri |
96 | 84 | { |
97 | 85 | if (AccessMode::WRITE() === $mode) { |
98 | 86 | $servers = $table->getWithRole(RoutingRoles::LEADER()); |
99 | 87 | } else { |
100 | 88 | $servers = $table->getWithRole(RoutingRoles::FOLLOWER()); |
101 | 89 | } |
102 | 90 |
|
103 | | - return $servers->get(random_int(0, $servers->count() - 1)); |
| 91 | + return Uri::create($servers->get(random_int(0, $servers->count() - 1))); |
104 | 92 | } |
105 | 93 |
|
106 | 94 | /** |
|
0 commit comments