diff --git a/cli/src/main.rs b/cli/src/main.rs index 277066071..2dbd45245 100644 --- a/cli/src/main.rs +++ b/cli/src/main.rs @@ -225,7 +225,7 @@ impl ConnectionArgs { } } if self.tls { - query.append_pair("sslmode", "enable"); + query.append_pair("sslmode", "require"); } else { query.append_pair("sslmode", "disable"); } diff --git a/core/src/client.rs b/core/src/client.rs index 4606d4bbf..e137b96b4 100644 --- a/core/src/client.rs +++ b/core/src/client.rs @@ -115,11 +115,16 @@ impl APIClient { "warehouse" => { client.warehouse = Arc::new(Mutex::new(Some(v.to_string()))); } - "sslmode" => { - if v == "disable" { - scheme = "http"; + "sslmode" => match v.as_ref() { + "disable" => scheme = "http", + "require" => scheme = "https", + _ => { + return Err(Error::BadArgument(format!( + "Invalid value for sslmode: {}", + v + ))) } - } + }, "tls_ca_file" => { client.tls_ca_file = Some(v.to_string()); } diff --git a/driver/src/flight_sql.rs b/driver/src/flight_sql.rs index 17d113545..78b35748f 100644 --- a/driver/src/flight_sql.rs +++ b/driver/src/flight_sql.rs @@ -231,12 +231,22 @@ impl Args { match k.as_ref() { "tenant" => args.tenant = Some(v.to_string()), "warehouse" => args.warehouse = Some(v.to_string()), - "sslmode" => { - if v == "disable" { + "sslmode" => match v.as_ref() { + "disable" => { scheme = "http"; args.tls = false; } - } + "require" => { + scheme = "https"; + args.tls = true; + } + _ => { + return Err(Error::BadArgument(format!( + "Invalid value for sslmode: {}", + v.as_ref() + ))) + } + }, "tls_ca_file" => args.tls_ca_file = Some(v.to_string()), "connect_timeout" => args.connect_timeout = Duration::from_secs(v.parse()?), "query_timeout" => args.query_timeout = Duration::from_secs(v.parse()?),