support tls

Author: shiyuhang0

lib/commands/client_handshake.js

@@ -15,6 +15,7 @@ const Packets = require('../packets/index.js');
 const ClientConstants = require('../constants/client.js');
 const CharsetToEncoding = require('../constants/charset_encodings.js');
 const auth41 = require('../auth_41.js');
+const {secureStream} = require('../stream.js');
 
 function flagNames(flags) {
   const res = [];
@@ -146,25 +147,11 @@ class ClientHandshake extends Command {
       // send ssl upgrade request and immediately upgrade connection to secure
       this.clientFlags |= ClientConstants.SSL;
       this.sendSSLRequest(connection);
-      connection.startTLS(err => {
-        // after connection is secure
-        if (err) {
-          // SSL negotiation error are fatal
-          err.code = 'HANDSHAKE_SSL_ERROR';
-          err.fatal = true;
-          this.emit('error', err);
-          return;
-        }
-        // rest of communication is encrypted
-        this.sendCredentials(connection).catch(err => {
-          this.emit('error', err);
-        });
-      });
-    } else {
-      this.sendCredentials(connection).catch(err => {
-        this.emit('error', err);
-      });
+      secureStream(connection)
     }
+    this.sendCredentials(connection).catch(err => {
+      this.emit('error', err);
+    });
     if (multiFactorAuthentication) {
       // if the server supports multi-factor authentication, we enable it in
       // the client

lib/connection.js

@@ -15,7 +15,6 @@
 
 'use strict';
 
-const Tls = require('tls');
 const EventEmitter = require('events').EventEmitter;
 const Readable = require('stream').Readable;
 const Queue = require('denque');
@@ -341,6 +340,7 @@ class Connection extends EventEmitter {
 
   // 0.11+ environment
   startTLS(onSecure) {
+    const Tls = require('tls');
     if (this.config.debug) {
       // eslint-disable-next-line no-console
       console.log('Upgrading connection to TLS');

lib/stream.js

@@ -12,3 +12,31 @@ module.exports.getStream = function getStream(ssl = false) {
   const { CloudflareSocket } = require('pg-cloudflare')
   return new CloudflareSocket(ssl);
 }
+
+/**
+ * Get a TLS secured socket, compatible with the current environment,
+ * using the socket and other settings given in `options`.
+ */
+module.exports.secureStream = function secureStream(connection) {
+  const Tls = require('tls');
+  if (Tls.connect) {
+    connection.startTLS(err => {
+      // after connection is secure
+      if (err) {
+        // SSL negotiation error are fatal
+        err.code = 'HANDSHAKE_SSL_ERROR';
+        err.fatal = true;
+        this.emit('error', err);
+      }
+    });
+    return
+  }
+  try {
+    connection.stream.startTls({});
+  }catch (err) {
+    // SSL negotiation error are fatal
+    err.code = 'HANDSHAKE_SSL_ERROR';
+    err.fatal = true;
+    this.emit('error', err);
+  }
+}