From c0ea3343c32930217aefa4c65459b8079b435b06 Mon Sep 17 00:00:00 2001
From: Oliver Tonnhofer
Date: Tue, 1 Jul 2014 15:19:16 +0200
Subject: [PATCH] disable ssl by default for PG connections to workaround renegotiation issues

---
 README.md | 3 +++
 database/postgis/postgis.go | 2 +-
 database/postgis/util.go | 26 +++++++++++---------------
 3 files changed, 15 insertions(+), 16 deletions(-)

diff --git a/README.md b/README.md
index e87b640..7ef754a 100644
--- a/README.md
+++ b/README.md
@@ -211,6 +211,9 @@ For more options see:
 Sorry, that's all documentation for the moment.
+Note: TLS/SSL support is disabled by default due to the lack of renegotiation support in Go's TLS implementation. You can re-enable encryption by setting the `PGSSLMODE` environment variable or the `sslmode` connection option to `require` or `verify-full`, eg: `-connect postgis://host/dbname?sslmode=require`. You will need to disable renegotiation support on your server to prevent connection errors on larger imports. You can do this by setting `ssl_renegotiation_limit` to 0 in your PostgreSQL server configuration.
+
+
 Support
 -------
diff --git a/database/postgis/postgis.go b/database/postgis/postgis.go
index 58babed..6dffba5 100644
--- a/database/postgis/postgis.go
+++ b/database/postgis/postgis.go
@@ -570,7 +570,7 @@ func New(conf database.Config, m *mapping.Mapping) (database.DB, error) {
 	if err != nil {
 		return nil, err
 	}
-	params = disableDefaultSslOnLocalhost(params)
+	params = disableDefaultSsl(params)
 	params, db.Prefix = stripPrefixFromConnectionParams(params)
 	for name, table := range m.Tables {
diff --git a/database/postgis/util.go b/database/postgis/util.go
index 4523155..9c74256 100644
--- a/database/postgis/util.go
+++ b/database/postgis/util.go
@@ -8,33 +8,29 @@ import (
 	"sync"
 )
-// disableDefaultSslOnLocalhost adds sslmode=disable to params
-// when host is localhost/127.0.0.1 and the sslmode param and
-// PGSSLMODE environment are both not set.
-func disableDefaultSslOnLocalhost(params string) string {
+// disableDefaultSsl adds sslmode=disable to params
+// when sslmode param and PGSSLMODE environment are both not set.
+//
+// Reason: PG will renegotiate encryption after 512MB by default, but
+// Go's TLS does not suport renegotiation. Disable SSL to work around that.
+// See: https://code.google.com/p/go/issues/detail?id=5742
+// and ssl_renegotiation_limit on:
+// http://www.postgresql.org/docs/9.1/static/runtime-config-connection.html
+
+func disableDefaultSsl(params string) string {
 	parts := strings.Fields(params)
-	isLocalHost := false
 	for _, p := range parts {
 		if strings.HasPrefix(p, "sslmode=") {
 			return params
 		}
-		if p == "host=localhost" || p == "host=127.0.0.1" || strings.HasPrefix(p,"host=/") {
-			isLocalHost = true
-		}
-	}
-
-	if !isLocalHost {
-		return params
 	}
 	for _, v := range os.Environ() {
-		parts := strings.SplitN(v, "=", 2)
-		if parts[0] == "PGSSLMODE" {
+		if strings.HasPrefix(v, "PGSSLMODE=") {
 			return params
 		}
 	}
-	// found localhost but explicit no sslmode, disable sslmode
 	return params + " sslmode=disable"
 }
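Review bot: Dropping the `host=` check in `disableDefaultSsl` makes the cleartext fallback apply to remote servers too, so a user who supplies a remote host with no `sslmode` and no `PGSSLMODE` now sends credentials and the whole import unencrypted with nothing in the output saying so. The downgrade should at least be visible: before `return params + " sslmode=disable"` add something like `log.Printf("sslmode not set, disabling TLS for PostgreSQL connection; set sslmode=require or PGSSLMODE to keep encryption")` (this needs `log` in util.go's import block, which is only partly visible here), or keep the previous localhost-only silent behaviour and apply the workaround to remote hosts only together with a warning. The blank `+` line between the comment block and `func disableDefaultSsl` detaches it as the function's doc comment; remove it, or move the "Reason:" paragraph inside the function body, and fix the typo `suport`. The 512MB renegotiation default and `ssl_renegotiation_limit` are server-version dependent (the link is to the 9.1 docs), so the comment should say which server versions this was checked against rather than stating it as a general fact.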