Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1s5p82-008O0q-0B
	for pgsql-general@arkaria.postgresql.org; Sat, 11 May 2024 15:59:18 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1s5p7z-005sQh-12
	for pgsql-general@arkaria.postgresql.org; Sat, 11 May 2024 15:59:15 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1s5p7y-005sQY-Ma
	for pgsql-general@lists.postgresql.org; Sat, 11 May 2024 15:59:15 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1s5p7q-000WuG-Rs
	for pgsql-general@lists.postgresql.org; Sat, 11 May 2024 15:59:14 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 44BFx4ru007169;
	Sat, 11 May 2024 11:59:05 -0400
From: Tom Lane <tgl@sss.pgh.pa.us>
To: AJ ONeal <coolaj86@proton.me>
cc: "pgsql-general@lists.postgresql.org" <pgsql-general@lists.postgresql.org>
Subject: Re: Feature Request: Option for TLS no SSLRequest with psql
In-reply-to: <ECNyobMWPeoCd4yj_5J0RsDL1yKC9MbbBwOGCYHgcts7v0BW_-znGIoxcvfzUsf3yKvUB6Lef22OBMZnJyZ-0T2U1qaVflQqEGO0RFHp1PE=@proton.me>
References: <ECNyobMWPeoCd4yj_5J0RsDL1yKC9MbbBwOGCYHgcts7v0BW_-znGIoxcvfzUsf3yKvUB6Lef22OBMZnJyZ-0T2U1qaVflQqEGO0RFHp1PE=@proton.me>
Comments: In-reply-to AJ ONeal <coolaj86@proton.me>
	message dated "Sat, 11 May 2024 15:19:50 -0000"
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-ID: <7167.1715443144.1@sss.pgh.pa.us>
Content-Transfer-Encoding: quoted-printable
Date: Sat, 11 May 2024 11:59:04 -0400
Message-ID: <7168.1715443144@sss.pgh.pa.us>
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/7168.1715443144%40sss.pgh.pa.us>
Precedence: bulk

AJ ONeal <coolaj86@proton.me> writes:
> Could we get a `postgrestls://` or `sslmode=3Dtls` or --tls option that =
instructs psql=E2=80=8B to sends straight TLS, skipping the 0000000804d216=
2f / 0000000804d21630 + N / Y / S handshake?

You're too late:

https://git.postgresql.org/gitweb/?p=3Dpostgresql.git;a=3Dcommit;h=3Dd39a4=
9c1e4

(and likewise too late about ALPN).

You might however care to weigh in on the ongoing argument about what
the libpq connection options controlling this should do (but not on
this list):

https://www.postgresql.org/message-id/flat/ad45965c-8b95-4bde-bf05-509ab6f=
ccf96%40iki.fi

			regards, tom lane