Re: Experiments with Postgres and SSL
Greg Stark <stark@mit.edu>
From: Greg Stark <stark@mit.edu>
To: Vladimir Sitnikov <sitnikov.vladimir@gmail.com>
Cc: Andrey Borodin <amborodin86@gmail.com>, PostgreSQL-development <pgsql-hackers@postgresql.org>
Date: 2023-03-16T20:00:28Z
Lists: pgsql-hackers
Attachments
- v2-0003-Direct-SSL-connections-documentation.patch (text/x-patch) patch v2-0003
- v2-0001-Direct-SSL-connections-postmaster-support.patch (text/x-patch) patch v2-0001
- v2-0002-Direct-SSL-connections-client-support.patch (text/x-patch) patch v2-0002
Here's an updated patch for direct SSL connections. I've added libpq client support with a new connection parameter. This allows testing it easily with psql. It's still a bit hard to see what's going on though. I'm thinking it would be good to have libpq keep a string which describes what negotiations were attempted and failed and what was eventually accepted which psql could print with the SSL message or expose some other way. In the end I didn't see how adding an API for this really helped any more than just saying the API is to stuff the unread data into the Port structure. So I just documented that. If anyone has any better idea... I added documentation for the libpq connection setting. One thing, I *think* it's ok to replace the send(2) call with secure_write() in the negotiation. It does mean it's possible for the connection to fail with FATAL at that point instead of COMMERROR but I don't think that's a problem. I haven't added tests. I'm not sure how to test this since to test it properly means running the server with every permutation of ssl and gssapi configurations. Incidentally, some of the configuration combinations -- namely sslnegotiation=direct and default gssencmode and sslmode results in a counter-intuitive behaviour. But I don't see a better option that doesn't mean making the defaults less useful.
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Enhance libpq encryption negotiation tests with new GUC
- 705843d294d5 17.0 landed
-
With gssencmode='require', check credential cache before connecting
- 20f9b61cc192 17.0 landed
-
Add tests for libpq gssencmode and sslmode options
- 1169920ff770 17.0 landed
-
Move Kerberos module
- 9f899562d420 17.0 landed
-
Give nicer error message when connecting to a v10 server requiring SCRAM.
- 96d0f988b150 9.4.12 cited