* feat: makes mutual TLS optional for postgres and mysql
* feat: makes mutual TLS optional for gRPC
* refactor: replaces deprecated grpc.WithInsecure()
* docs: changes meaning of grpc tls option to client cert
* chore: updates test go version to same as project version (1.18)
* test: adds TLS and mutual TLS support to db and grpc test environments
* chore: adds generated test certificates to .gitignore
* chore: reduces test certificates to minimum key usage
* chore: adds second client certificate which acts as unauthorized
* test: adds mysql tls and mutual tls tests
* refactor: postgres ssl config check
* refactor: change connectTries to 0 for postgres to only have 1 retry by default like mysql
* refactor: postgres sslmode and sslrootcert code
* test: adds postgres tls and mutual tls tests
* fix: treat grpc authOpts grpc_ca_cert, grpc_tls_cert, grpc_tls_key as file paths instead of actual file contents
refactor: improves error logging
* test: adds grpc tls and mutual tls tests
* Fix postgres ssl modes `require`, ``verify-ca` and `verify-full` to work without explicit root certificate.
* refactor: adds warning for unknown pg_sslmode
style: removes empty lines
* style: compress switch case
Co-authored-by: Martin Abbrent <martin.abbrent@ufz.de>
Files should be able to check ACLs only.
Clen setPrefixes method.
Fix test-backends by building custom plugin too, fix files only acls by checking if a user was seen before creating a general record.
* No longer cache response from backend when the backend fail.
* Reply to Mosquitto using "MOSQ_ERR_UNKNOWN" which will disconnect
client and avoid silent data loss when the error occure for ACL
checks.
Ignacio Gómez