Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1tmgMB-008rAB-Ly
	for pgsql-hackers@arkaria.postgresql.org; Mon, 24 Feb 2025 21:51:20 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-hackers-owner+archive@lists.postgresql.org>)
	id 1tmgMA-009XxJ-Ny
	for pgsql-hackers@arkaria.postgresql.org; Mon, 24 Feb 2025 21:51:18 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <jacob.champion@enterprisedb.com>)
	id 1tmgMA-009XxA-Cy
	for pgsql-hackers@lists.postgresql.org; Mon, 24 Feb 2025 21:51:18 +0000
Received: from mail-qv1-xf30.google.com ([2607:f8b0:4864:20::f30])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.96)
	(envelope-from <jacob.champion@enterprisedb.com>)
	id 1tmgM6-000cC8-2q
	for pgsql-hackers@lists.postgresql.org;
	Mon, 24 Feb 2025 21:51:17 +0000
Received: by mail-qv1-xf30.google.com with SMTP id 6a1803df08f44-6e17d3e92d9so39084996d6.1
        for <pgsql-hackers@lists.postgresql.org>; Mon, 24 Feb 2025 13:51:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=enterprisedb.com; s=google; t=1740433873; x=1741038673; darn=lists.postgresql.org;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:from:to:cc:subject:date:message-id:reply-to;
        bh=URz8hhauDQhJ9jtdZwUv4zESXHTKATFvwr19r3y3J1g=;
        b=QsKRlCEZPhriopCETuaOY/fs9HnrEviDwpmwme8SMh8T04JNGdQWGFuufCskHdjuQT
         gTL1Y2rlxL/Q1TWMVR5Np4fr+24VjFqkqp8xC28TZr+0R97d37ppu+FXqvWguvH1Dv13
         XXuXxybSHSwFYlhfhliqHtcPYTNJICwGCq9/vpqQe/m/Gz+Vy1ZCyRjKVA1R8z8tcVYV
         kiyn+bnPGzFkP10YlxDB3cq0VIMpjE8Ndp6SwSpikvhGPlAtoWeLzWsdUn4CaQOiC7Mr
         tlP1xrJvZuqpYwU5quRjMdLq3miMMumoHCMWTUqREy4Q1M/Dd9RoGnGL53jpAd0G7SEq
         eOew==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1740433873; x=1741038673;
        h=cc:to:subject:message-id:date:from:in-reply-to:references
         :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=URz8hhauDQhJ9jtdZwUv4zESXHTKATFvwr19r3y3J1g=;
        b=riRvXKArqb5S9i6T6Q0VcxMCRhR0b3hMWue7Y7o7xCwYDcQ5DTYc1IPWOho0SL0O3D
         26/9NKeNc5wRvYbnHCJVv2eY0lQvQVuAmfwHTbB5Ihxy2hrkvRPUp9Sk66GLR3881wL5
         mMtI7Usc2uHJPgd4ZsYVQ7oTv7p0k9qKKaumPD+aqOF8NxJd5Yj+l/J8961E7/dh6Jth
         6HRQgdU3JR1v+ZcXYtnJq9PwJsiPjMy8IAK+3V1vqv8TfFRaOUzdwEgmy6UTn1NudXdK
         ssJ7ZrLpg8T5vCLQTJhxX4pvIWekjl30z/tqyPqLrtJb62W6R8l4CLdGNvKTSKAn2z5y
         Ywjg==
X-Forwarded-Encrypted: i=1; AJvYcCXM9bAND440IwphuX1aaR+J1aOzX+4rUIqV9yigBXXWYP/SgHhETJ8jkFQHpWDCqzYiq4laqpkFP/ssTr0F@lists.postgresql.org
X-Gm-Message-State: AOJu0YyD2xUPzyUYCXnf9741zcIZpOjU8S1/usycJUENBQt/UKtA/BJl
	wFkYj1zxArFv0t90Qwo4d1qYT91DvDUtHqh0DDzJxUkJ3xdnlL8l9ThMy/cyNo1gbrP2tJV8lHb
	eSwtOAD7Ye+/9CevdzxcB4WPu2/VigxpHxTaz
X-Gm-Gg: ASbGncvnzO//rrCUOXk3XlEiqgMkaf70XyOcdS+JOLMeurjc6dC2hiqIEpfsmcRBkoM
	HNcUmySTDKRdzxTAbEo8QYMZVEz6ibUKgRhxE7EUY3vbh5rzQYcKIq+smmzJvfwOLfhoIs6Ejhz
	dC+IPa8Q==
X-Google-Smtp-Source: AGHT+IHIESepAz3ds4CwRtOoc53xJJttI7F6iv7ClpeosuOQyALhlKqs9aranVR21uSFD/2w1tGmeCB43ox3fmMDsEo=
X-Received: by 2002:a05:6214:ca4:b0:6e4:3cf1:5628 with SMTP id
 6a1803df08f44-6e6ae7c96c9mr206695056d6.3.1740433872954; Mon, 24 Feb 2025
 13:51:12 -0800 (PST)
MIME-Version: 1.0
References: <1C81CD0D-407E-44F9-833A-DD0331C202E5@yesql.se>
 <CAOYmi+k_YBsO3jnxx9HBcChNzkzRW=Erm4yiPGsKV2_6rU+-4g@mail.gmail.com>
 <88986722-5A72-4DEC-8750-BDBF67FF8C01@yesql.se> <CAOYmi+nYV6Rr9BY4YfYyVdiQ5TzMZray6QPXwiO3pYSaow+-Tg@mail.gmail.com>
 <7E77028B-5A3A-436B-9046-8E9992E9F94A@yesql.se> <Z1jeINLtB05YMVOY@paquier.xyz>
 <E51258CD-C7B2-4BB1-AB9C-A3DD2B6592D0@yesql.se> <F4222274-15C0-40E4-84FB-8FC1355BB8B2@yesql.se>
In-Reply-To: <F4222274-15C0-40E4-84FB-8FC1355BB8B2@yesql.se>
From: Jacob Champion <jacob.champion@enterprisedb.com>
Date: Mon, 24 Feb 2025 13:51:02 -0800
X-Gm-Features: AWEUYZkSJuAlJbwObH8XnWzPH4EAkhYEm-ipqpbJ3l-2UXj_EJwisCkG4Vs8njw
Message-ID: <CAOYmi+mSrV8hRaQkvGDf1Df4cmpv5SeTbTxppyxeonMe6MW8nA@mail.gmail.com>
Subject: Re: Serverside SNI support in libpq
To: Daniel Gustafsson <daniel@yesql.se>
Cc: Michael Paquier <michael@paquier.xyz>, Pgsql Hackers <pgsql-hackers@lists.postgresql.org>
Content-Type: multipart/mixed; boundary="000000000000c0dd94062eea56da"
List-Id: <pgsql-hackers.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-hackers@lists.postgresql.org>
List-Owner: <mailto:pgsql-hackers-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-hackers>
Archived-At: <https://www.postgresql.org/message-id/CAOYmi%2BmSrV8hRaQkvGDf1Df4cmpv5SeTbTxppyxeonMe6MW8nA%40mail.gmail.com>
Precedence: bulk

--000000000000c0dd94062eea56da
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Wed, Feb 19, 2025 at 3:13=E2=80=AFPM Daniel Gustafsson <daniel@yesql.se>=
 wrote:
> Are there any blockers for getting this in?

> +           SSL_context =3D ssl_init_context(isServerStart, host);

I'm still not quite following the rationale behind the SSL_context
assignment. To maybe illustrate, attached are some tests that I
expected to pass, but don't.

After adding an additional host and reloading the config, the behavior
of the original fallback host seems to change. Am I misunderstanding
the designed fallback behavior, have I misdesigned my test, or is this
a bug?

Thanks,
--Jacob

--000000000000c0dd94062eea56da
Content-Type: text/plain; charset="US-ASCII"; name="tests.diff.txt"
Content-Disposition: attachment; filename="tests.diff.txt"
Content-Transfer-Encoding: base64
Content-ID: <f_m7jl80z80>
X-Attachment-Id: f_m7jl80z80

ZGlmZiAtLWdpdCBhL3NyYy90ZXN0L3NzbC90LzAwNF9zbmkucGwgYi9zcmMvdGVzdC9zc2wvdC8w
MDRfc25pLnBsCmluZGV4IDA1NDJjNTllYmNiLi5lMTgzYTk1M2VkZSAxMDA2NDQKLS0tIGEvc3Jj
L3Rlc3Qvc3NsL3QvMDA0X3NuaS5wbAorKysgYi9zcmMvdGVzdC9zc2wvdC8wMDRfc25pLnBsCkBA
IC01Nyw2ICs1NywzMiBAQCAkbm9kZS0+Y29ubmVjdF9vaygKIAkiJGNvbm5zdHIgc3Nscm9vdGNl
cnQ9c3NsL3Jvb3Qrc2VydmVyX2NhLmNydCBzc2xtb2RlPXJlcXVpcmUiLAogCSJjb25uZWN0IHdp
dGggY29ycmVjdCBzZXJ2ZXIgQ0EgY2VydCBmaWxlIHNzbG1vZGU9cmVxdWlyZSIpOwogCisjIFRo
aXMgaXMgYWRkZWQgb25seSBmb3IgY29tcGFyaXNvbiB3aXRoIHRoZSBzYW1lIHRlc3QgY2FzZSBi
ZWxvdy4KKyRub2RlLT5jb25uZWN0X2ZhaWxzKAorCSIkY29ubnN0ciBzc2xyb290Y2VydD1zc2wv
cm9vdF9jYS5jcnQgc3NsbW9kZT12ZXJpZnktY2EiLAorCSJjb25uZWN0IGZhaWxzIHdpdGggZmFs
bGJhY2sgaG9zdG5hbWUsIHdpdGhvdXQgaW50ZXJtZWRpYXRlIiwKKwlleHBlY3RlZF9zdGRlcnIg
PT4gcXIvY2VydGlmaWNhdGUgdmVyaWZ5IGZhaWxlZC8pOworCisjIGV4YW1wbGUub3JnIHNlcnZl
cyB0aGUgc2VydmVyIGNlcnQgYW5kIGl0cyBpbnRlcm1lZGlhdGUgQ0EuCiskbm9kZS0+YXBwZW5k
X2NvbmYoJ3BnX2hvc3RzLmNvbmYnLAorCSJleGFtcGxlLm9yZyBzZXJ2ZXItY24tb25seStzZXJ2
ZXJfY2EuY3J0IHNlcnZlci1jbi1vbmx5LmtleSByb290X2NhLmNydCIKKyk7Ciskbm9kZS0+cmVs
b2FkOworCiskbm9kZS0+Y29ubmVjdF9vaygKKwkiJGNvbm5zdHIgaG9zdD1leGFtcGxlLm9yZyBz
c2xyb290Y2VydD1zc2wvcm9vdF9jYS5jcnQgc3NsbW9kZT12ZXJpZnktY2EiLAorCSJjb25uZWN0
IHdpdGggY29uZmlndXJlZCBob3N0bmFtZSwgc2VydmluZyBpbnRlcm1lZGlhdGUgc2VydmVyIENB
Iik7CisKKyMgV2h5IGRvZXMgdGhpcyB0ZXN0IGZhaWw/Ciskbm9kZS0+Y29ubmVjdF9mYWlscygK
KwkiJGNvbm5zdHIgc3Nscm9vdGNlcnQ9c3NsL3Jvb3RfY2EuY3J0IHNzbG1vZGU9dmVyaWZ5LWNh
IiwKKwkiY29ubmVjdCBzdGlsbCBmYWlscyB3aXRoIGZhbGxiYWNrIGhvc3RuYW1lLCB3aXRob3V0
IGludGVybWVkaWF0ZSIsCisJZXhwZWN0ZWRfc3RkZXJyID0+IHFyL2NlcnRpZmljYXRlIHZlcmlm
eSBmYWlsZWQvKTsKKworJG5vZGUtPmNvbm5lY3Rfb2soCisJIiRjb25uc3RyIGhvc3Q9bG9jYWxo
b3N0IHNzbHJvb3RjZXJ0PXNzbC9yb290K3NlcnZlcl9jYS5jcnQgc3NsbW9kZT12ZXJpZnktY2Ei
LAorCSJjb25uZWN0IHdpdGggZmFsbGJhY2sgaG9zdG5hbWUsIGludGVybWVkaWF0ZSBpbmNsdWRl
ZCIpOworCiBvayh1bmxpbmsoJG5vZGUtPmRhdGFfZGlyIC4gJy9wZ19ob3N0cy5jb25mJykpOwog
JG5vZGUtPmFwcGVuZF9jb25mKCdwZ19ob3N0cy5jb25mJywKIAkibG9jYWxob3N0IHNlcnZlci5j
cnQgc2VydmVyLmtleSByb290LmNydCIpOwo=
--000000000000c0dd94062eea56da--