From 25ec13bfea00ae66b6ec302b58d5b4846a856045 Mon Sep 17 00:00:00 2001
From: Charmander <~@charmander.me>
Date: Mon, 24 Feb 2020 18:49:59 -0800
Subject: [PATCH] Revert "Revert "Support additional tls.connect() options
 (#1996)" (#2010)"

This reverts commit 510a273ce45fb73d0355cf384e97ea695c8a5bcc.
---
 packages/pg/lib/connection-fast.js | 20 +++-----------------
 packages/pg/lib/connection.js      | 20 +++-----------------
 2 files changed, 6 insertions(+), 34 deletions(-)

diff --git a/packages/pg/lib/connection-fast.js b/packages/pg/lib/connection-fast.js
index a31d92a20..631ea3b0e 100644
--- a/packages/pg/lib/connection-fast.js
+++ b/packages/pg/lib/connection-fast.js
@@ -15,8 +15,6 @@ var Writer = require('buffer-writer')
 // eslint-disable-next-line
 var PacketStream = require('pg-packet-stream')
 
-var warnDeprecation = require('./compat/warn-deprecation')
-
 var TEXT_MODE = 0
 
 // TODO(bmc) support binary mode here
@@ -95,21 +93,9 @@ Connection.prototype.connect = function (port, host) {
         return self.emit('error', new Error('There was an error establishing an SSL connection'))
     }
     var tls = require('tls')
-    const options = {
-      socket: self.stream,
-      checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
-      rejectUnauthorized: self.ssl.rejectUnauthorized,
-      ca: self.ssl.ca,
-      pfx: self.ssl.pfx,
-      key: self.ssl.key,
-      passphrase: self.ssl.passphrase,
-      cert: self.ssl.cert,
-      secureOptions: self.ssl.secureOptions,
-      NPNProtocols: self.ssl.NPNProtocols
-    }
-    if (typeof self.ssl.rejectUnauthorized !== 'boolean') {
-      warnDeprecation('Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.', 'PG-SSL-VERIFY')
-    }
+    const options = Object.assign({
+      socket: self.stream
+    }, self.ssl)
     if (net.isIP(host) === 0) {
       options.servername = host
     }
diff --git a/packages/pg/lib/connection.js b/packages/pg/lib/connection.js
index ca904432c..03b85bf50 100644
--- a/packages/pg/lib/connection.js
+++ b/packages/pg/lib/connection.js
@@ -14,8 +14,6 @@ var util = require('util')
 var Writer = require('buffer-writer')
 var Reader = require('packet-reader')
 
-var warnDeprecation = require('./compat/warn-deprecation')
-
 var TEXT_MODE = 0
 var BINARY_MODE = 1
 var Connection = function (config) {
@@ -93,21 +91,9 @@ Connection.prototype.connect = function (port, host) {
         return self.emit('error', new Error('There was an error establishing an SSL connection'))
     }
     var tls = require('tls')
-    const options = {
-      socket: self.stream,
-      checkServerIdentity: self.ssl.checkServerIdentity || tls.checkServerIdentity,
-      rejectUnauthorized: self.ssl.rejectUnauthorized,
-      ca: self.ssl.ca,
-      pfx: self.ssl.pfx,
-      key: self.ssl.key,
-      passphrase: self.ssl.passphrase,
-      cert: self.ssl.cert,
-      secureOptions: self.ssl.secureOptions,
-      NPNProtocols: self.ssl.NPNProtocols
-    }
-    if (typeof self.ssl.rejectUnauthorized !== 'boolean') {
-      warnDeprecation('Implicit disabling of certificate verification is deprecated and will be removed in pg 8. Specify `rejectUnauthorized: true` to require a valid CA or `rejectUnauthorized: false` to explicitly opt out of MITM protection.', 'PG-SSL-VERIFY')
-    }
+    const options = Object.assign({
+      socket: self.stream
+    }, self.ssl)
     if (net.isIP(host) === 0) {
       options.servername = host
     }