Skip site navigation (1) Skip section navigation (2)

Re: Old backend/frontend protocol versions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: dvs(at)arrakis(dot)es
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Old backend/frontend protocol versions
Date: 2001-10-29 17:59:48
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-hackers
Daniel Varela Santoalla <dvs(at)arrakis(dot)es> writes:
> The problem appeared when using DBBalancer with PostgreSQL and PHP installed 
> from Debian packages, as a tcpdump capture identified a StartUp packet like 
> this:
> 00 00 01 28 04 d2 16 2f ...
> According to the protocol specification the first four bytes are the length 
> of the packet (ok), but the next four should be the protocol version....

This is an SSL negotiation request --- look for NEGOTIATE_SSL_CODE
in the sources.

> What I would like to know, since the lack of documentation (at least I 
> couldn't find any) of previous versions of the protocol is:

The people who did the SSL feature did a spectacularly poor job of
documenting it.  AFAICT, the rest of that packet is a wasted bunch of
zeroes, and the next thing that happens is that the postmaster sends
back a one-byte OK-to-use-SSL-or-not response; if OK, the next step
is to engage in an SSL connection dialog, then send the real StartUp
packet under protection of SSL.  But no, there's not a word of
documentation about it except some comments in the source code.

Unless your balancer can cope with a stream of data that it cannot make
any sense of, my guess is that you'll have a hard time doing anything
useful with SSL-encrypted connections.  You might be best off to reject
them out of hand (send back a 1-byte response 'N', then wait for the
non-encrypted StartUpPacket).  Or perhaps run separate SSL sessions on
your incoming and outgoing datastreams.

			regards, tom lane

In response to

pgsql-hackers by date

Next:From: Tom LaneDate: 2001-10-29 18:19:37
Subject: Re: Regression error on unixware 7 and open unix 8
Previous:From: Bruce MomjianDate: 2001-10-29 17:44:09
Subject: Re: ecpg - GRANT bug

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group