On 12/24/21 09:08, Keith Burdis wrote: > From 53.2.9. SSL Session Encryption: > > > When SSL encryption can be performed, the server is expected to > send only the single S byte and then wait for the frontend to > initiate an SSL handshake. If additional bytes are available to > read at this point, it likely means that a man-in-the-middle is > attempting to perform a buffer-stuffing attack (CVE-2021-23222). > Frontends should be coded either to read exactly one byte from the > socket before turning the socket over to their SSL library, or to > treat it as a protocol violation if they find they have read > additional bytes. > > > An initial SSLRequest can also be used in a connection that is > being opened to send a CancelRequest message. > > > While the protocol itself does not provide a way for the server to > force SSL encryption, the administrator can configure the server > to reject unencrypted sessions as a byproduct of authentication > checking. > > > Has consideration been given to having something like > ssl-mode=tls-only where the SSLRequest message is skipped and the TLS > handshake starts immediately with the protocol continuing after that? > > This has several advantages: > 1) One less round-trip when establishing the connection, speeding this > up. TLS 1.3 removed a round-trip and this was significant so it could > help. > 2) No possibility of downgrading to non-TLS. (Not sure this is an > issue though.) > 3) Connections work through normal TLS proxies and SNI can be used for > routing. > > This final advantage is the main reason I'd like to see this > implemented. Postgres is increasingly being run in multi-tenant > Kubernetes clusters where load-balancers and node ports are not > available, cost or don't scale and it is currently difficult to > connect to databases running there. If it was possible to use normal > ingress TLS proxies, running Postgres in Kubernetes would be much > easier and there are other use cases where just using TLS would be > beneficial as well. > > Questions about TLS SNI support have been asked for several years now > and this would be a big usability improvement. SNI support was > recently added to the client-side and this seems like the next logical > step. > > Thoughts? > >
Isn't that going to break every existing client? How is a client supposed to know which protocol to follow? cheers andrew -- Andrew Dunstan EDB: https://www.enterprisedb.com