Home > mailing lists

Re: Protocol problem with GSSAPI encryption? - Mailing list pgsql-hackers

From	Bruce Momjian
Subject	Re: Protocol problem with GSSAPI encryption?
Date	December 20, 2019 20:37:48
Msg-id	20191220173748.GE29807@momjian.us Whole thread Raw
In response to	Protocol problem with GSSAPI encryption? (Andrew Gierth <andrew@tao11.riddles.org.uk>)
Responses	Re: Protocol problem with GSSAPI encryption? (Stephen Frost <sfrost@snowman.net>) Re: Protocol problem with GSSAPI encryption? (Andrew Gierth <andrew@tao11.riddles.org.uk>)
List	pgsql-hackers

Tree view

On Sun, Dec  1, 2019 at 01:13:31AM +0000, Andrew Gierth wrote:
> This came up recently on IRC, not sure if the report there was passed on
> at all.
> 
> ProcessStartupPacket assumes that there will be only one negotiation
> request for an encrypted connection, but libpq is capable of issuing
> two: it will ask for GSS encryption first, if it looks like it will be
> able to do GSSAPI, and if the server refuses that it will ask (on the
> same connection) for SSL.

Are you saying that there is an additional round-trip for starting all
SSL connections because we now support GSSAPI, or this only happens if
libpq asks for GSSAPI?

-- 
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +

pgsql-hackers by date:

From: Simon Riggs
Date: 20 December 2019, 20:35:36
Subject: Re: Optimizing TransactionIdIsCurrentTransactionId()

From: Tom Lane
Date: 20 December 2019, 20:37:51
Subject: Re: Created feature for to_date() conversion using patterns 'YYYY-WW', 'YYYY-WW-D', 'YYYY-MM-W' and 'YYYY-MM-W-D'

Re: Protocol problem with GSSAPI encryption? - Mailing list pgsql-hackers

Previous

Next