Hi all, (Heikki in CC.) Since 91044ae4baea (require ALPN for direct SSL connections) and d39a49c1e459 (direct hanshake), direct SSL connections are supported (yeah!), still the thread where this has been discussed does not cover the potential impact on HBA rules: https://www.postgresql.org/message-id/CAM-w4HOEAzxyY01ZKOj-iq%3DM4-VDk%3DvzQgUsuqiTFjFDZaebdg%40mail.gmail.com
My point is, would there be a point in being able to enforce that ALPN is used from the server rather than just relying on the client-side sslnegotiation to decide if direct SSL connections should be forced or not? Hence, I'd imagine that we could have an HBA option for hostssl rules, like a negotiation={direct,postgres,all} that cross-checks Port->alpn_used with the option value in a hostssl entry, rejecting the use of connections using direct connections or the default protocol if these are not used, giving users a way to avoid one. As this is a new thing, there may be an argument in this option for security reasons, as well, so as it would be possible for operators to turn that off in the server. Thoughts or comments? -- Michael
signature.asc
Description: PGP signature