| From: | Keith Burdis <keith(at)burdis(dot)org> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Proposal: sslmode=tls-only |
| Date: | 2021-12-24 14:08:05 |
| Message-ID: | CAE1f+tFJJOVvqNO-gvgetdv38v25DvH9EXcYci+EbsdQmfCZgQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
From 53.2.9. SSL Session Encryption:
> When SSL encryption can be performed, the server is expected to send only
> the single S byte and then wait for the frontend to initiate an SSL
> handshake. If additional bytes are available to read at this point, it
> likely means that a man-in-the-middle is attempting to perform a
> buffer-stuffing attack (CVE-2021-23222). Frontends should be coded either
> to read exactly one byte from the socket before turning the socket over to
> their SSL library, or to treat it as a protocol violation if they find they
> have read additional bytes.
> An initial SSLRequest can also be used in a connection that is being
> opened to send a CancelRequest message.
> While the protocol itself does not provide a way for the server to force
> SSL encryption, the administrator can configure the server to reject
> unencrypted sessions as a byproduct of authentication checking.
Has consideration been given to having something like ssl-mode=tls-only
where the SSLRequest message is skipped and the TLS handshake starts
immediately with the protocol continuing after that?
This has several advantages:
1) One less round-trip when establishing the connection, speeding this up.
TLS 1.3 removed a round-trip and this was significant so it could help.
2) No possibility of downgrading to non-TLS. (Not sure this is an issue
though.)
3) Connections work through normal TLS proxies and SNI can be used for
routing.
This final advantage is the main reason I'd like to see this implemented.
Postgres is increasingly being run in multi-tenant Kubernetes clusters
where load-balancers and node ports are not available, cost or don't scale
and it is currently difficult to connect to databases running there. If it
was possible to use normal ingress TLS proxies, running Postgres in
Kubernetes would be much easier and there are other use cases where just
using TLS would be beneficial as well.
Questions about TLS SNI support have been asked for several years now and
this would be a big usability improvement. SNI support was recently added
to the client-side and this seems like the next logical step.
Thoughts?
- Keith
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Nils Dijk | 2021-12-24 14:14:28 | Re: How to retain lesser paths at add_path()? |
| Previous Message | Justin Pryzby | 2021-12-24 13:49:46 | Re: add recovery, backup, archive, streaming etc. activity messages to server logs along with ps display |