rust/neon
1
0
Fork 0
mirror of https://github.com/neondatabase/neon.git synced 2026-01-06 21:12:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

Check postgresql ALPN value for direct SSL connections

Browse Source
This commit is contained in:
George MacKerron
2025-07-30 14:07:37 +01:00
parent 1dce2a9e74
commit 3bd2486778
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
proxy/src/pglb/handshake.rs
View File

@@ -137,7 +137,13 @@ pub(crate) async fn handshake<S: AsyncRead + AsyncWrite + Unpin + Send>(
// check the ALPN, if exists, as required. // check the ALPN, if exists, as required.
match conn_info.alpn_protocol() { match conn_info.alpn_protocol() {
None | Some(PG_ALPN_PROTOCOL) => {} None => {
if direct.is_some() {
warn!("missing ALPN protocol 'postgresql'");
return Err(HandshakeError::ProtocolViolation);
}
}
Some(PG_ALPN_PROTOCOL) => {}
Some(other) => { Some(other) => {
let alpn = String::from_utf8_lossy(other); let alpn = String::from_utf8_lossy(other);
warn!(%alpn, "unexpected ALPN"); warn!(%alpn, "unexpected ALPN");