status-im
/
migrate
mirror of https://github.com/status-im/migrate.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add support for TLS on Cassandra.

This commit is contained in:
Wessel Oosthuizen 2018-10-16 11:18:38 +02:00
parent ea1928c904
commit bc28cee1dc
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
database/cassandra/README.md
View File

@ -22,7 +22,10 @@ system_schema table which comes with 3.X
| `timeout` | 1 minute | Migration timeout
| `username` | nil | Username to use when authenticating. |
| `password` | nil | Password to use when authenticating. |
| `sslcert` | | Cert file location. The file must contain PEM encoded data. |
| `sslkey` | | Key file location. The file must contain PEM encoded data. |
| `sslrootcert` | | The location of the root certificate file. The file must contain PEM encoded data. |
| `sslmode` | | Whether or not to use SSL (disable\|require\|verify-ca\|verify-full) |
`timeout` is parsed using [time.ParseDuration(s string)](https://golang.org/pkg/time/#ParseDuration)

13
database/cassandra/cassandra.go
View File

@ -120,6 +120,19 @@ func (c *Cassandra) Open(url string) (database.Driver, error) {
cluster.Timeout = timeout
}
if len(u.Query().Get("sslmode")) > 0 && len(u.Query().Get("sslrootcert")) > 0 && len(u.Query().Get("sslcert")) > 0 && len(u.Query().Get("sslkey")) > 0 {
if u.Query().Get("sslmode") != "disable" {
cluster.SslOpts = &gocql.SslOptions{
CaPath: u.Query().Get("sslrootcert"),
CertPath: u.Query().Get("sslcert"),
KeyPath: u.Query().Get("sslkey"),
}
if u.Query().Get("sslmode") == "verify-full" {
cluster.SslOpts.EnableHostVerification = true
}
}
}
session, err := cluster.CreateSession()
if err != nil {
return nil, err