From: | Ronald Van de Kuil <ronald(dot)van(dot)de(dot)kuil(at)nl(dot)ibm(dot)com> |
---|---|
To: | Magnus Hagander <magnus(at)hagander(dot)net> |
Cc: | "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
Subject: | RE: BUG #17919: "client hello" message / SNI / Openshift Routes |
Date: | 2023-05-23 09:22:04 |
Message-ID: | PH0PR15MB4624A852CC085A21D8A71157A8409@PH0PR15MB4624.namprd15.prod.outlook.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
Version 6.21 of PGAdmin 4.
It comes with the postgresql-15.2-2-windows-x64 postgres client. That installation has version 15.0.2.23082 of the libpq.dll
Should it pick up that DLL automatically or do I have to configure something?
Best Regards,
Ronald
Red Hat Certified Professional (RHCSA, RHCE), Verify Here<https://rhtapps.redhat.com/verify?certId=200-126-837>.
________________________________
From: Magnus Hagander <magnus(at)hagander(dot)net>
Sent: Friday, May 19, 2023 7:18 PM
To: Ronald Van de Kuil <ronald(dot)van(dot)de(dot)kuil(at)nl(dot)ibm(dot)com>
Cc: pgsql-bugs(at)lists(dot)postgresql(dot)org <pgsql-bugs(at)lists(dot)postgresql(dot)org>
Subject: [EXTERNAL] Re: BUG #17919: "client hello" message / SNI / Openshift Routes
On Mon, May 15, 2023 at 12:47 PM Ronald Van de Kuil
<ronald(dot)van(dot)de(dot)kuil(at)nl(dot)ibm(dot)com> wrote:
>
> Openshift uses haproxy. And I have configured a passthrough route for the postgresql service.
>
> In addition, I have managed to make a tcpdump of connecting to the Postgres instance via oc-port-forward, a CLI utility which is not production grade. However, it gives me a chance to understand the postgresql handshake. There I see a Client Hello, then a Client Hello with a change of Cypher Spec, and then the Server hallo.
>
> On this connection that was established, I see the absence of an "Extension: server_name". I see that in connections that are established to the console of Openshift. I would therefore like to believe that some work needs to be done on the PostgreSQL client to send the SNI.
What version of the client are you using? I would expect the host name
extension to be set in clienthello by default - but it does require
the client libpq to be at least version 14. Maybe you have more than
one version of libpq around, and it's picking up the wrong one? (Note
that it is perfectly possible to have different versions of psql and
libpq, and you need to verify the libpq version specifically).
//Magnus
Unless otherwise stated above:
IBM Nederland B.V.
Gevestigd te Amsterdam
Inschrijving Handelsregister Amsterdam Nr. 33054214
From | Date | Subject | |
---|---|---|---|
Next Message | Alvaro Herrera | 2023-05-23 09:28:05 | Re: Need Support to Upgrade from 13.6 to 15.3 |
Previous Message | Dippu Kumar | 2023-05-23 09:20:32 | Re: Need Support to Upgrade from 13.6 to 15.3 |