pgx icon indicating copy to clipboard operation
pgx copied to clipboard

Published 20 hours ago verified publisher icon jackc

(*PgConn).CancelRequest should support encryption

Open urso opened this issue 5 months ago • 1 comments

The CancelRequest method connects directly to the Postgres instance, ignoring TLS settings the connection was configured with. The PostgresSQL implementation indeed allows you to send unencrypted Cancel requests, but ideally we would support encryption similar to libpq (libpq cancellation API docs):

Many connection parameters of the original client will be reused when setting up the connection for the cancel request. Importantly, if the original connection requires encryption of the connection and/or verification of the target host (using sslmode or gssencmode), then the connection for the cancel request is made with these same requirements. Any connection options that are only used during authentication or after authentication of the client are ignored though, because cancellation requests do not require authentication and the connection is closed right after the cancellation request is submitted.

urso avatar Jun 16 '25 14:06 urso

I'm open to this being changed.

jackc avatar Jun 26 '25 01:06 jackc