On 05/18/21 04:54, Magnus Hagander wrote:
> I mean, if you have
> hostssl somedatabase someuser 10.0.0.0/24 gss
> hostssl somedatabase superuser 10.0.0.0/24 gss tls_min_version=1.3
>
> One would reasonably expect that "someuser" can connect with whatever
> the default version is for tls_min_version, whereas "superuser" would
> require a minimum of 1.3. But that's *not* what would happen --
> superuser would also be allowed to connect with a lower version if
> that's allowed in the global set.
Negatory. "superuser" would be allowed to send a StartupMessage
containing the strings "somedatabase" and "superuser" (and possibly
some settings of options) over a lower version if that's allowed
in the global set ... and would then have the connection rejected
because the negotiated protocol was lower than 1.3, without seeing
any authentication message or having a chance to send any sensitive
authentication credentials.
So the risk of any information exposure over a too-low TLS version
is limited to the name of a database, the name of a user, and possibly
the settings of some options, and no sensitive authentication data.
Regards,
-Chap
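The sequence Chap describes (TLS handshake, StartupMessage, pg_hba.conf match, and only then the first authentication message) can be modelled to show exactly what crosses the wire before a per-entry minimum is enforced. The following is an added example, not code from the thread or from PostgreSQL: the per-entry tls_min_version option is the proposal under discussion and does not exist in pg_hba.conf, the two entries, the reply strings, the client address 10.0.0.7 and the order of checks are all assumptions, and only the StartupMessage framing follows the real v3 protocol.

```python
"""Model of the v3 startup exchange under a hypothetical per-entry
tls_min_version in pg_hba.conf. Everything here is constructed for
illustration: the entries, the option name, the reply strings and the
order of checks are assumptions, not PostgreSQL's code."""
import ipaddress
import struct

PROTOCOL_V3 = 196608           # int32 carried in StartupMessage for protocol 3.0
GLOBAL_TLS_MIN = (1, 2)        # assumed server-wide minimum (ssl_min_protocol_version)

# Constructed pg_hba.conf, mirroring the two lines quoted above:
# (type, database, user, address, method, options)
HBA = [
    ("hostssl", "somedatabase", "someuser",  "10.0.0.0/24", "gss", {}),
    ("hostssl", "somedatabase", "superuser", "10.0.0.0/24", "gss",
     {"tls_min_version": (1, 3)}),
]


def build_startup_message(params):
    """Encode a StartupMessage: int32 length (including itself), int32
    protocol version, NUL-terminated key/value pairs, one terminating NUL."""
    body = struct.pack("!I", PROTOCOL_V3)
    for key, value in params.items():
        body += key.encode() + b"\0" + value.encode() + b"\0"
    body += b"\0"
    return struct.pack("!I", len(body) + 4) + body


def parse_startup_message(msg):
    """Decode a StartupMessage into its parameter dict, checking framing."""
    if len(msg) < 9:
        raise ValueError("truncated StartupMessage")
    length, version = struct.unpack("!II", msg[:8])
    if length != len(msg):
        raise ValueError("length prefix %d != %d bytes" % (length, len(msg)))
    if version != PROTOCOL_V3:
        raise ValueError("unexpected protocol version %#x" % version)
    body = msg[8:]
    if body == b"\0":
        return {}
    if not body.endswith(b"\0\0"):
        raise ValueError("missing terminating NUL")
    fields = body[:-2].split(b"\0")
    if len(fields) % 2:
        raise ValueError("odd number of key/value fields")
    return {k.decode(): v.decode() for k, v in zip(fields[0::2], fields[1::2])}


def match_hba(database, user, client_ip, hba=HBA):
    """First matching entry wins, as in pg_hba.conf."""
    addr = ipaddress.ip_address(client_ip)
    for entry in hba:
        _, db, usr, cidr, _, _ = entry
        if db == database and usr == user and addr in ipaddress.ip_network(cidr):
            return entry
    return None


def server_accept(negotiated_tls, client_ip, startup_bytes, hba=HBA):
    """Server side after the TLS handshake. Returns (first reply to the
    client, the StartupMessage fields the server has received); the second
    item is everything the client has disclosed over negotiated_tls."""
    if negotiated_tls < GLOBAL_TLS_MIN:
        # Cannot happen in practice: the handshake enforces the global
        # minimum before any StartupMessage exists. Modelled for completeness.
        return "TLS handshake failure", {}
    params = parse_startup_message(startup_bytes)
    entry = match_hba(params.get("database"), params.get("user"), client_ip, hba)
    if entry is None:
        return "ErrorResponse: no pg_hba.conf entry", params
    required = entry[5].get("tls_min_version")
    if required is not None and negotiated_tls < required:
        # Rejected here, before any Authentication* message goes out.
        return "ErrorResponse: connection requires TLS >= %d.%d" % required, params
    return "AuthenticationGSS", params      # entries above all use method gss


def client_attempt(negotiated_tls, client_ip, params):
    """One connection attempt as the client sees it. The client only
    releases a credential after it receives an Authentication* message."""
    reply, disclosed = server_accept(negotiated_tls, client_ip,
                                     build_startup_message(params))
    return {"reply": reply,
            "disclosed": disclosed,
            "credential_sent": reply.startswith("Authentication")}


if __name__ == "__main__":
    startup = {"user": "superuser", "database": "somedatabase",
               "application_name": "psql"}
    for tls in ((1, 2), (1, 3)):
        print("TLS %d.%d ->" % tls, client_attempt(tls, "10.0.0.7", startup))
    print("someuser ->", client_attempt((1, 2), "10.0.0.7",
                                        dict(startup, user="someuser")))
```

Running it shows the boundary the reply draws: for "superuser" over TLS 1.2 the server's first reply is an ErrorResponse, `credential_sent` stays False, and `disclosed` holds only the user, database and option fields from the StartupMessage; over TLS 1.3 the same client receives AuthenticationGSS and proceeds, as does "someuser" over TLS 1.2.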