Re: Direct SSL connection with ALPN and HBA rules

Heikki Linnakangas <hlinnaka@iki.fi>

From: Heikki Linnakangas <hlinnaka@iki.fi>
To: Michael Paquier <michael@paquier.xyz>
Cc: Jacob Champion <jacob.champion@enterprisedb.com>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2024-04-22T22:48:04Z
Lists: pgsql-hackers

Attachments

On 22/04/2024 10:47, Heikki Linnakangas wrote:
> On 22/04/2024 10:19, Michael Paquier wrote:
>> On Sat, Apr 20, 2024 at 12:43:24AM +0300, Heikki Linnakangas wrote:
>>> On 19/04/2024 19:48, Jacob Champion wrote:
>>>> On Fri, Apr 19, 2024 at 6:56 AM Heikki Linnakangas <hlinnaka@iki.fi> wrote:
>>>>> With direct SSL negotiation, we always require ALPN.
>>>>
>>>>     (As an aside: I haven't gotten to test the version of the patch that
>>>> made it into 17 yet, but from a quick glance it looks like we're not
>>>> rejecting mismatched ALPN during the handshake as noted in [1].)
>>>
>>> Ah, good catch, that fell through the cracks. Agreed, the client should
>>> reject a direct SSL connection if the server didn't send ALPN. I'll add that
>>> to the Open Items so we don't forget again.
>>
>> Would somebody like to write a patch for that?  I'm planning to look
>> at this code more closely, as well.
> 
> I plan to write the patch later today.

Here's the patch for that. The error message is:

"direct SSL connection was established without ALPN protocol negotiation 
extension"

That's accurate, but I wonder if we could make it more useful to a user 
who's wondering what went wrong. I'd imagine that if the server doesn't 
support ALPN, it's because you have some kind of a (not necessarily 
malicious) generic SSL man-in-the-middle that doesn't support it. Or 
you're trying to connect to an HTTPS server. Suggestions welcome.

-- 
Heikki Linnakangas
Neon (https://neon.tech)

Commits

  1. Remove option to fall back from direct to postgres SSL negotiation

  2. Reject SSL connection if ALPN is used but there's no common protocol

  3. libpq: Enforce ALPN in direct SSL connections

  4. libpq: If ALPN is not used, make PQsslAttribute(conn, "alpn") == ""

  5. Fix documentation and comments on what happens after GSS rejection

  6. doc: Add note to prevent server spoofing with SCRAM