PostgreSQL SSL communication with SecureTcpClient (Ssl v 3.0)
Hello,
I am currently adding SSL support to the Npgsql driver (the .NET data
provider for PostgreSQL). I have tested with the Mentalis Secure Library
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. The PostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSL support
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:
Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hello message
uses a protocol that was not recognized.
Do you have any idea what can be the reason? Thanks in advance.
Regards,
Angel
Angel T. Todorov
PGP public key ID: 1024D/
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x35454B4C> 35454B4C
What version of PostgreSQL are you using?
---------------------------------------------------------------------------
Angel Todorov wrote:
Hello,
I am currently adding SSL support to the Npgsql driver (the .NET data
provider for PostgreSQL). I have tested with the Mentalis Secure Library
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. The PostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSL support
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hello message
uses a protocol that was not recognized.Do you have any idea what can be the reason? Thanks in advance.
Regards,
Angel
Angel T. Todorov
PGP public key ID: 1024D/
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x35454B4C> 35454B4C
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073It is 7.3.3
The Npgsql is 0.5, which supports the 2.0 protocol.
Angel
-----Original Message-----
From: Bruce Momjian [mailto:pgman@candle.pha.pa.us]
Sent: Monday, September 29, 2003 3:03 AM
To: Angel Todorov
Cc: PostgreSQL General
Subject: Re: [GENERAL] PostgreSQL SSL communication with SecureTcpClient
(Ssl v 3.0)
What version of PostgreSQL are you using?
------------------------------------------------------------------------
---
Angel Todorov wrote:
Hello,
I am currently adding SSL support to the Npgsql driver (the .NET data
provider for PostgreSQL). I have tested with the Mentalis Secure
Library
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. The
PostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSL
support
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hello
message
uses a protocol that was not recognized.
Do you have any idea what can be the reason? Thanks in advance.
Regards,
Angel
Angel T. Todorov
PGP public key ID: 1024D/
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x35454B4C>
35454B4C
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania
19073Angel Todorov wrote:
It is 7.3.3
We have fixed many SSL items in 7.4. Can you grab a snapshot from our
FTP server and check that?
---------------------------------------------------------------------------
The Npgsql is 0.5, which supports the 2.0 protocol.
Angel
-----Original Message-----
From: Bruce Momjian [mailto:pgman@candle.pha.pa.us]
Sent: Monday, September 29, 2003 3:03 AM
To: Angel Todorov
Cc: PostgreSQL General
Subject: Re: [GENERAL] PostgreSQL SSL communication with SecureTcpClient
(Ssl v 3.0)What version of PostgreSQL are you using?
------------------------------------------------------------------------
---Angel Todorov wrote:
Hello,
I am currently adding SSL support to the Npgsql driver (the .NET data
provider for PostgreSQL). I have tested with the Mentalis SecureLibrary
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. ThePostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSLsupport
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hellomessage
uses a protocol that was not recognized.
Do you have any idea what can be the reason? Thanks in advance.
Regards,
Angel
Angel T. Todorov
PGP public key ID: 1024D/
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x35454B4C>35454B4C
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073Hello, is it something specific about the startup packet length? I can
try to see if I can fix it if it is from the driver itself. I will try
with 7.4, but it should also operate with postgresql 7.2 and 7.3
Angel
-----Original Message-----
From: pgsql-general-owner@postgresql.org
[mailto:pgsql-general-owner@postgresql.org] On Behalf Of Bruce Momjian
Sent: Monday, September 29, 2003 4:13 AM
To: Angel Todorov
Cc: 'PostgreSQL General'
Subject: Re: [GENERAL] PostgreSQL SSL communication with SecureTcpClient
(Ssl
Angel Todorov wrote:
It is 7.3.3
We have fixed many SSL items in 7.4. Can you grab a snapshot from our
FTP server and check that?
------------------------------------------------------------------------
---
The Npgsql is 0.5, which supports the 2.0 protocol.
Angel
-----Original Message-----
From: Bruce Momjian [mailto:pgman@candle.pha.pa.us]
Sent: Monday, September 29, 2003 3:03 AM
To: Angel Todorov
Cc: PostgreSQL General
Subject: Re: [GENERAL] PostgreSQL SSL communication with
SecureTcpClient
(Ssl v 3.0)
What version of PostgreSQL are you using?
------------------------------------------------------------------------
---
Angel Todorov wrote:
Hello,
I am currently adding SSL support to the Npgsql driver (the .NET
data
provider for PostgreSQL). I have tested with the Mentalis Secure
Library
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. ThePostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSLsupport
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hellomessage
uses a protocol that was not recognized.
Do you have any idea what can be the reason? Thanks in advance.
Regards,
Angel
Angel T. Todorov
PGP public key ID: 1024D/
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x35454B4C>35454B4C
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania
19073---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org so that your
message can get through to the mailing list cleanly
Angel Todorov wrote:
Hello, is it something specific about the startup packet length? I can
try to see if I can fix it if it is from the driver itself. I will try
with 7.4, but it should also operate with postgresql 7.2 and 7.3
Sorry, no idea.
---------------------------------------------------------------------------
Angel
-----Original Message-----
From: pgsql-general-owner@postgresql.org
[mailto:pgsql-general-owner@postgresql.org] On Behalf Of Bruce Momjian
Sent: Monday, September 29, 2003 4:13 AM
To: Angel Todorov
Cc: 'PostgreSQL General'
Subject: Re: [GENERAL] PostgreSQL SSL communication with SecureTcpClient
(SslAngel Todorov wrote:
It is 7.3.3
We have fixed many SSL items in 7.4. Can you grab a snapshot from our
FTP server and check that?------------------------------------------------------------------------
---The Npgsql is 0.5, which supports the 2.0 protocol.
Angel
-----Original Message-----
From: Bruce Momjian [mailto:pgman@candle.pha.pa.us]
Sent: Monday, September 29, 2003 3:03 AM
To: Angel Todorov
Cc: PostgreSQL General
Subject: Re: [GENERAL] PostgreSQL SSL communication withSecureTcpClient
(Ssl v 3.0)
What version of PostgreSQL are you using?
------------------------------------------------------------------------
---
Angel Todorov wrote:
Hello,
I am currently adding SSL support to the Npgsql driver (the .NETdata
provider for PostgreSQL). I have tested with the Mentalis Secure
Library
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. ThePostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSLsupport
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hellomessage
uses a protocol that was not recognized.
Do you have any idea what can be the reason? Thanks in advance.
Regards,
Angel
Angel T. Todorov
PGP public key ID: 1024D/
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x35454B4C>35454B4C
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org so that your
message can get through to the mailing list cleanly
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
On Mon, 29 Sep 2003, Angel Todorov wrote:
Hello,
I am currently adding SSL support to the Npgsql driver (the .NET data
provider for PostgreSQL). I have tested with the Mentalis Secure Library
(http://www.mentalis.org/soft/projects/ssocket/). I am creating the
SecureTcpSocket as an instance that uses Ssl version 3.0. The PostgreSQL
server is configured as described in
http://developer.postgresql.org/docs/postgres/ssl-tcp.html . SSL support
is added in pg_hba.conf, via hostssl
The exception I get when I run a test application to connect the
database is something like that:Unhandled Exception: Npgsql.NpgsqlException: Error in Open() --->
System.IO.IOException: An I/O exception occurred. --->
Org.Mentalis.Security.SecurityException
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hello message
uses a protocol that was not recognized.Do you have any idea what can be the reason? Thanks in advance.
You are aware that the connection does not start as a SSL connection, but
begins as a normal one and then switches over.
Kris Jurka
Kris Jurka <books@ejurka.com> writes:
On Mon, 29 Sep 2003, Angel Todorov wrote:
: An error occurs while communicating with the remote host. --->
Org.Mentalis.Security.Ssl.Shared.SslException: The server hello message
uses a protocol that was not recognized.Do you have any idea what can be the reason? Thanks in advance.
You are aware that the connection does not start as a SSL connection, but
begins as a normal one and then switches over.
Specifically, you need to eat the initial "S" or "N" response byte from
the server before firing up the SSL startup handshake.
regards, tom lane