Commit 87199da2 authored by Kirill Smelkov's avatar Kirill Smelkov

X go/neo: Fix credentials parsing with go1.17

Due to security concerns, go1.17, even though very reluctantly,
similarly to Python broke backward compatibility and stopped to treat ';'
as separator when parsing URL queries.

We still want to accept ';' as separator in credential part.
-> Work it around by replacing ';' -> to '&'.

See https://golang.org/doc/go1.17#semicolons and https://github.com/golang/go/issues/25192 for context.

See also: cf685fb5 (fixup! Y client: Fix URI scheme to move credentials out of query)
parent cf685fb5
...@@ -425,6 +425,8 @@ func openClientByURL(ctx context.Context, u *url.URL, opt *zodb.DriverOptions) ( ...@@ -425,6 +425,8 @@ func openClientByURL(ctx context.Context, u *url.URL, opt *zodb.DriverOptions) (
} }
cred := u.User.String() cred := u.User.String()
// ca=ca.crt;cert=my.crt;key=my.key
cred = strings.ReplaceAll(cred, ";", "&") // ; is no longer in default separators set https://github.com/golang/go/issues/25192
x, err := xurl.ParseQuery(cred) x, err := xurl.ParseQuery(cred)
if err != nil { if err != nil {
return nil, zodb.InvalidTid, fmt.Errorf("credentials: %s", err) return nil, zodb.InvalidTid, fmt.Errorf("credentials: %s", err)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment