BUG #18095: Unintended non-SSL connection attempt by psql cli command after a failed password authentication
The following bug has been logged on the website:
Bug reference: 18095
Logged by: Youssef TOURKI
Email address: ytourki@ext.scaleway.com
PostgreSQL version: 14.9
Operating system: Ubuntu 22
Description:
The bug is related to the psql client (cli)
When connecting to a PostgreSQL server (version 14) configured to only
accept SSL connections, if a user provides an incorrect password, the psql
client (version 14) returns two error messages in succession. The first
message correctly indicates a password authentication failure, but the
second suggests an unexpected non-SSL connection attempt.
Steps to Reproduce:
Configure the PostgreSQL server to accept only SSL connections.
Use the psql client to connect to the server, intentionally providing an
incorrect password.
Observe the error messages returned.
Expected Behavior:
Upon providing an incorrect password, the user should receive a single error
message related to the authentication failure. The client should not attempt
a non-SSL connection, especially given that the server is configured to only
accept SSL.
Actual Behavior:
Two error messages are displayed in the following order:
psql: error: connection to server at "172.17.0.4", port 5432 failed: FATAL:
password authentication failed for user "postgres"
connection to server at "172.17.0.4", port 5432 failed: FATAL: no
pg_hba.conf entry for host "172.17.0.1", user "postgres", database
"postgres", no encryption
The second message indicates an unexpected non-SSL connection attempt by the
psql client after the initial authentication failure.
Environment:
PostgreSQL Server Version: 14
psql Client Version: 14
PG Bug reporting form <noreply@postgresql.org> writes:
When connecting to a PostgreSQL server (version 14) configured to only
accept SSL connections, if a user provides an incorrect password, the psql
client (version 14) returns two error messages in succession. The first
message correctly indicates a password authentication failure, but the
second suggests an unexpected non-SSL connection attempt.
This is libpq's (not psql's) default behavior. If you don't like it,
you need to set the sslmode parameter in the connection string to prevent
non-SSL connection attempts. See
https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-SSLMODE-STATEMENTS
regards, tom lane
On Thu, 2023-09-07 at 16:44 +0000, PG Bug reporting form wrote:
Bug reference: 18095
Logged by: Youssef TOURKI
Email address: ytourki@ext.scaleway.com
PostgreSQL version: 14.9
Operating system: Ubuntu 22
Description:
The bug is related to the psql client (cli)
When connecting to a PostgreSQL server (version 14) configured to only
accept SSL connections, if a user provides an incorrect password, the psql
client (version 14) returns two error messages in succession. The first
message correctly indicates a password authentication failure, but the
second suggests an unexpected non-SSL connection attempt.
Steps to Reproduce:
Configure the PostgreSQL server to accept only SSL connections.
Use the psql client to connect to the server, intentionally providing an
incorrect password.
Observe the error messages returned.
Expected Behavior:
Upon providing an incorrect password, the user should receive a single error
message related to the authentication failure. The client should not attempt
a non-SSL connection, especially given that the server is configured to only
accept SSL.
Actual Behavior:
Two error messages are displayed
This is no bug; it is working as designed and as documented; see
https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNECT-SSLMODE
The default SSL mode is "prefer": the first attempt is an encrypted connection,
if that fails, an unencrypted connection is tried.
To change that, you have to configure the client appropriately:
psql "host=... port=... user=... dbname=... password=... sslmode=require"
Alternatively, set the environment variable PGSSLMODE to "require".
Yours,
Laurenz Albe
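As an added example (not code from the thread or from PostgreSQL itself), a small Python check that resolves which sslmode a libpq client will actually use from a key=value connection string plus PGSSLMODE, and flags whether that mode still permits the plaintext retry described above. It assumes the documented precedence (connection string over environment variable over the "prefer" default) and ignores service files and URI syntax.

```python
import os
import re

# libpq sslmode values, weakest to strongest. With "prefer" (the default) or
# weaker, libpq retries in plaintext after a failed TLS attempt: that retry is
# the second "no encryption" error in the report. "require" stops the fallback;
# only "verify-ca"/"verify-full" also check the server certificate.
SSLMODES = ("disable", "allow", "prefer", "require", "verify-ca", "verify-full")

# key=value pairs; values may be single-quoted with backslash escapes.
_PAIR = re.compile(r"(\w+)\s*=\s*('(?:\\.|[^'\\])*'|[^\s']+)")

def parse_conninfo(conninfo: str) -> dict:
    """Parse a libpq key=value connection string into a dict of parameters."""
    params = {}
    for key, value in _PAIR.findall(conninfo):
        if value.startswith("'"):
            value = re.sub(r"\\(.)", r"\1", value[1:-1])  # unquote and unescape
        params[key] = value
    return params

def effective_sslmode(conninfo: str, env=None) -> str:
    """Resolve the sslmode libpq will use. Assumed precedence: connection string
    beats the PGSSLMODE environment variable, which beats the default "prefer"."""
    env = os.environ if env is None else env
    mode = parse_conninfo(conninfo).get("sslmode") or env.get("PGSSLMODE") or "prefer"
    if mode not in SSLMODES:
        raise ValueError(f"unknown sslmode {mode!r}")
    return mode

def allows_plaintext(mode: str) -> bool:
    """True when this sslmode lets libpq fall back to an unencrypted connection."""
    return SSLMODES.index(mode) < SSLMODES.index("require")

def audit(conninfo: str, env=None) -> tuple:
    """Return (effective sslmode, whether a plaintext fallback is possible)."""
    mode = effective_sslmode(conninfo, env)
    return mode, allows_plaintext(mode)

if __name__ == "__main__":
    # Constructed inputs: the reporter's connection (no sslmode) and the two
    # fixes from the thread; PGSSLMODE is passed explicitly for determinism.
    cases = [
        ("host=172.17.0.4 port=5432 user=postgres dbname=postgres", {}),
        ("host=172.17.0.4 port=5432 user=postgres dbname=postgres sslmode=require", {}),
        ("host=172.17.0.4 user=postgres application_name='bug 18095'", {"PGSSLMODE": "require"}),
    ]
    for dsn, env in cases:
        mode, weak = audit(dsn, env)
        print(f"sslmode={mode:<12} plaintext fallback: {'YES' if weak else 'no'}   {dsn}")
```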