Re: Direct SSL connection and ALPN loose ends

On 29/04/2024 21:06, Ranier Vilela wrote:
> Em seg., 29 de abr. de 2024 às 14:56, Heikki Linnakangas 
> <hlinnaka@iki.fi <mailto:hlinnaka@iki.fi>> escreveu:
> 
>     On 29/04/2024 20:10, Ranier Vilela wrote:
>      > Hi,
>      >
>      > With TLS 1.3 and others there is possibly a security flaw using
>     ALPN [1].
>      >
>      > It seems to me that the ALPN protocol can be bypassed if the
>     client does
>      > not correctly inform the ClientHello header.
>      >
>      > So, the suggestion is to check the ClientHello header in the
>     server and
>      > terminate the TLS handshake early.
> 
>     Sounds to me like it's working as designed. ALPN in general is
>     optional;
>     if the client doesn't request it, then you proceed without it. We do
>     require ALPN for direct SSL connections though. We can, because direct
>     SSL connections is a new feature in Postgres. But we cannot require it
>     for the connections negotiated with SSLRequest, or we break
>     compatibility with old clients that don't use ALPN.
> 
> Ok.
> But what if I have a server configured for TLS 1.3 and that requires 
> ALPN to allow access?
> What about a client configured without ALPN requiring connection?

Sorry, I don't understand the questions. What about them?

-- 
Heikki Linnakangas
Neon (https://neon.tech)