NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit326e1d7

committed

Disallow use of SSL v3 protocol in the server as well as in libpq.

Commit820f08c claimed to make the serverand libpq handle SSL protocol versions identically, but actually the serverwas still accepting SSL v3 protocol while libpq wasn't. Per discussion,SSL v3 is obsolete, and there's no good reason to continue to accept it.So make the code really equivalent on both sides. The behavior now isthat we use the highest mutually-supported TLS protocol version.Marko Kreen, some comment-smithing by me

1 parent3fd3e34 commit326e1d7Copy full SHA for 326e1d7

File tree

2 files changed

+15

-4

lines changed

src
- backend/libpq
  - be-secure.c
- interfaces/libpq
  - fe-secure.c

2 files changed

+15

-4

lines changed

`‎src/backend/libpq/be-secure.c`

Lines changed: 11 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -822,6 +822,13 @@ initialize_SSL(void)`
`822`	`822`	`#endif`
`823`	`823`	`SSL_library_init();`
`824`	`824`	`SSL_load_error_strings();`
	`825`	`+`
	`826`	`+/*`
	`827`	`+ * We use SSLv23_method() because it can negotiate use of the highest`
	`828`	`+ * mutually supported protocol version, while alternatives like`
	`829`	`+ * TLSv1_2_method() permit only one specific version. Note that we`
	`830`	`+ * don't actually allow SSL v2 or v3, only TLS protocols (see below).`
	`831`	`+ */`
`825`	`832`	`SSL_context=SSL_CTX_new(SSLv23_method());`
`826`	`833`	`if (!SSL_context)`
`827`	`834`	`ereport(FATAL,`
`@@ -880,9 +887,11 @@ initialize_SSL(void)`
`880`	`887`	`SSLerrmessage())));`
`881`	`888`	`}`
`882`	`889`
`883`		`-/* set up ephemeral DH keys, and disallow SSL v2 while at it */`
	`890`	`+/* set up ephemeral DH keys, and disallow SSL v2/v3 while at it */`
`884`	`891`	`SSL_CTX_set_tmp_dh_callback(SSL_context,tmp_dh_cb);`
`885`		`-SSL_CTX_set_options(SSL_context,SSL_OP_SINGLE_DH_USE \|SSL_OP_NO_SSLv2);`
	`892`	`+SSL_CTX_set_options(SSL_context,`
	`893`	`+SSL_OP_SINGLE_DH_USE \|`
	`894`	`+SSL_OP_NO_SSLv2 \|SSL_OP_NO_SSLv3);`
`886`	`895`
`887`	`896`	`/* set up ephemeral ECDH keys */`
`888`	`897`	`initialize_ecdh();`

`‎src/interfaces/libpq/fe-secure.c`

Lines changed: 4 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -967,8 +967,10 @@ init_ssl_system(PGconn *conn)`
`967`	`967`	`}`
`968`	`968`
`969`	`969`	`/*`
`970`		`- * Only SSLv23_method() negotiates higher protocol versions;`
`971`		`- * alternatives like TLSv1_2_method() permit one specific version.`
	`970`	`+ * We use SSLv23_method() because it can negotiate use of the highest`
	`971`	`+ * mutually supported protocol version, while alternatives like`
	`972`	`+ * TLSv1_2_method() permit only one specific version. Note that we`
	`973`	`+ * don't actually allow SSL v2 or v3, only TLS protocols (see below).`
`972`	`974`	`*/`
`973`	`975`	`SSL_context=SSL_CTX_new(SSLv23_method());`
`974`	`976`	`if (!SSL_context)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit326e1d7

File tree

2 files changed

2 files changed

`‎src/backend/libpq/be-secure.c`

`‎src/interfaces/libpq/fe-secure.c`

0 commit comments