On Sat, 9 Dec 2023 at 04:06, william@welliver.org wrote:
I'm pretty sure that SSL.File should be able to handshake in callback mode. Shuffler however, is a complication that can break the facade that SSL.File is just another Stdio.File object... I've definitely used shuffler with SSL.File objects in webservers, but in those situations, the shuffler isn't used until after the request has been parsed. The handshake, in those cases is performed immediately on accept() from the backend. I'm not familiar with how the pgsql module is set up, so there may be some magic going on that needs to be worked around. If you're trying to attempt some sort of conditional TLS ala STARTTLS, you might find that handshaking doesn't work until the underlying file thinks there's some data to read.
Bill
Thanks for this info. I've tried to dig into exactly what's going on, and would love some example code for how you use Shuffler with SSL.File. For the moment (see branch rosuav/pgsql-ssl - just updated and rebased it), the Shuffler is disabled when using SSL, but still active for all other connections.
The problem that I'm seeing with Shuffler and PGSQL at the moment is that, after the SSL handshake is completed, further data is sent in the clear (directly to the FD), rather than passing through the encryption layer as would normally happen. The authentication packet (username, database, etc) is misinterpreted by the other end as a malformed TLS packet, resulting in an encrypted alert and a TCP RST.
From what I'm seeing in the Shuffler code, it does seem to support the idea of not writing directly to the FD, but I'm a bit unclear on how that's to be triggered.
For the moment, the simple hack of disabling Shuffler with SSL does work, but I'd love to properly understand what's going on, and to reenable the Shuffler.
ChrisA