| From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
|---|---|
| To: | Keith Burdis <keith(at)burdis(dot)org>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: Proposal: sslmode=tls-only |
| Date: | 2021-12-24 19:16:37 |
| Message-ID: | 95b444a5-923b-500d-e754-8c2b552d55a9@dunslane.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 12/24/21 09:08, Keith Burdis wrote:
> From 53.2.9. SSL Session Encryption:
>
>
> When SSL encryption can be performed, the server is expected to
> send only the single S byte and then wait for the frontend to
> initiate an SSL handshake. If additional bytes are available to
> read at this point, it likely means that a man-in-the-middle is
> attempting to perform a buffer-stuffing attack (CVE-2021-23222).
> Frontends should be coded either to read exactly one byte from the
> socket before turning the socket over to their SSL library, or to
> treat it as a protocol violation if they find they have read
> additional bytes.
>
>
> An initial SSLRequest can also be used in a connection that is
> being opened to send a CancelRequest message.
>
>
> While the protocol itself does not provide a way for the server to
> force SSL encryption, the administrator can configure the server
> to reject unencrypted sessions as a byproduct of authentication
> checking.
>
>
> Has consideration been given to having something like
> ssl-mode=tls-only where the SSLRequest message is skipped and the TLS
> handshake starts immediately with the protocol continuing after that?
>
> This has several advantages:
> 1) One less round-trip when establishing the connection, speeding this
> up. TLS 1.3 removed a round-trip and this was significant so it could
> help.
> 2) No possibility of downgrading to non-TLS. (Not sure this is an
> issue though.)
> 3) Connections work through normal TLS proxies and SNI can be used for
> routing.
>
> This final advantage is the main reason I'd like to see this
> implemented. Postgres is increasingly being run in multi-tenant
> Kubernetes clusters where load-balancers and node ports are not
> available, cost or don't scale and it is currently difficult to
> connect to databases running there. If it was possible to use normal
> ingress TLS proxies, running Postgres in Kubernetes would be much
> easier and there are other use cases where just using TLS would be
> beneficial as well.
>
> Questions about TLS SNI support have been asked for several years now
> and this would be a big usability improvement. SNI support was
> recently added to the client-side and this seems like the next logical
> step.
>
> Thoughts?
>
>
Isn't that going to break every existing client? How is a client
supposed to know which protocol to follow?
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Aliaksandr Kalenik | 2021-12-24 20:19:36 | [PATCH] reduce page overlap of GiST indexes built using sorted method |
| Previous Message | Zhihong Yu | 2021-12-24 18:28:57 | Re: 回复:Re: Re: 回复:Re: Is it worth pushing conditions to sublink/subplan? |