Cert-based authentication broken

[gregallenvt]

Starting yesterday with the upgrade to 8.4.2, connections now fail with the error message: error: connection requires a valid client certificate.

It appears that the switch to making the ssl key not enumerable means that the key is no longer copied because Object.assign() only works with enumerable properties.

This became much trickier to debug since the pg dependency on pg-pool allows for minor version upgrades. We downgraded to 7.17.0 to fix things for the short term.

Thanks

[Yonom]

We are also experiencing this same issue in two of our projects

[flo-sch]

Almost lost my mind today with that 😅

I had upgraded several dependencies and could not figure out what the problem was before reverting my upgrades and re-trying each of them one by one.

Sticking to pg 8.4.1 works for me at the moment, using it with knex:

const configuration = {
  client: 'pg',
  connection: {
    database: process.env.DATABASE_NAME,
    host: process.env.DATABASE_HOST,
    port: parseInt(process.env.DATABASE_PORT || '5432'),
    user: process.env.DATABASE_USERNAME,
    password: process.env.DATABASE_PASSWORD,
    ssl:
      process.env.DATABASE_SSL_CERT && process.env.DATABASE_SSL_KEY
        ? {
            host: process.env.DATABASE_SSL_HOST,
            ca: process.env.DATABASE_SSL_CA
              ? fs.readFileSync(process.env.DATABASE_SSL_CA)
              : undefined,
            cert: fs.readFileSync(process.env.DATABASE_SSL_CERT),
            key: fs.readFileSync(process.env.DATABASE_SSL_KEY)
          }
        : false
  }
};

[brianc]

baaaah sorry about that breakage! 😦 😦 😦 Looks like charmander is already working on a fix for it, which is rad.