Revert "Fix verify_in_ssl log statement which no longer has access to SSL params"

chouinar · chouinar · commit 42d69231048d · 2023-09-22T10:59:30.000-04:00
This reverts commit 7ff0b44.
diff --git a/app/src/adapters/db/clients/postgres_client.py b/app/src/adapters/db/clients/postgres_client.py
@@ -121,6 +121,12 @@ def generate_iam_auth_token(aws_region: str, host: str, port: int, user: str) ->
 def verify_ssl(connection_info: Any) -> None:
     """Verify that the database connection is encrypted and log a warning if not."""
     if connection_info.pgconn.ssl_in_use:
-        logger.info("database connection is using SSL")
+        logger.info(
+            "database connection is using SSL: %s",
+            ", ".join(
+                name + " " + connection_info.ssl_attribute(name)
+                for name in connection_info.ssl_attribute_names
+            ),
+        )
     else:
         logger.warning("database connection is not using SSL")
diff --git a/app/tests/src/adapters/db/clients/test_postgres_client.py b/app/tests/src/adapters/db/clients/test_postgres_client.py
@@ -13,24 +13,31 @@ class DummyPgConn:
 
 
 class DummyConnectionInfo:
-    def __init__(self, ssl_in_use):
+    def __init__(self, ssl_in_use, attributes):
+        self.attributes = attributes
+        self.ssl_attribute_names = tuple(attributes.keys())
         self.pgconn = DummyPgConn(ssl_in_use)
 
+    def ssl_attribute(self, name):
+        return self.attributes[name]
+
 
 def test_verify_ssl(caplog):
     caplog.set_level(logging.INFO)  # noqa: B1
 
-    conn_info = DummyConnectionInfo(True)
+    conn_info = DummyConnectionInfo(True, {"protocol": "ABCv3", "key_bits": "64", "cipher": "XYZ"})
     verify_ssl(conn_info)
 
-    assert caplog.messages == ["database connection is using SSL"]
+    assert caplog.messages == [
+        "database connection is using SSL: protocol ABCv3, key_bits 64, cipher XYZ"
+    ]
     assert caplog.records[0].levelname == "INFO"
 
 
 def test_verify_ssl_not_in_use(caplog):
     caplog.set_level(logging.INFO)  # noqa: B1
 
-    conn_info = DummyConnectionInfo(False)
+    conn_info = DummyConnectionInfo(False, {})
     verify_ssl(conn_info)
 
     assert caplog.messages == ["database connection is not using SSL"]
