Commitb1993a6

committed
Minor editorialization for be-secure.c: fix comments and some formatting
infelicities.
1 parentc3bf3bf commitb1993a6


1 file changed

+25
-27
lines changed


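--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,13 +11,13 @@
 *
 *
 * IDENTIFICATION
-* $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.100 2010/05/26 15:52:37 tgl Exp $
+* $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.101 2010/05/2616:15:57 tgl Exp $
 *
 * Since the server static private key ($DataDir/server.key)
 * will normally be stored unencrypted so that the database
 * backend can restart automatically, it is important that
 * we select an algorithm that continues to provide confidentiality
-* even if the attacker has the server's private key.Empheral
+* even if the attacker has the server's private key.Ephemeral
 * DH (EDH) keys provide this, and in fact provide Perfect Forward
 * Secrecy (PFS) except for situations where the session can
 * be hijacked during a periodic handshake/renegotiation.
@@ -113,7 +113,7 @@ char *SSLCipherSuites = NULL;
 /* ------------------------------------------------------------ */
 
 /*
-*Hardcoded DH parameters, used inempheral DH keying.
+*Hardcoded DH parameters, used inephemeral DH keying.
 *As discussed above, EDH protects the confidentiality of
 *sessions even if the static private key is compromised,
 *so we are *highly* motivated to ensure that we can use
@@ -411,7 +411,6 @@ secure_write(Port *port, void *ptr, size_t len)
 * directly so it gets passed through the socket/signals layer on Win32.
 *
 * They are closely modelled on the original socket implementations in OpenSSL.
-*
 */
 
 staticboolmy_bio_initialized= false;
@@ -501,7 +500,7 @@ my_SSL_set_fd(SSL *s, int fd)
 *to verify that the DBA-generated DH parameters file contains
 *what we expect it to contain.
 */
-staticDH*
+staticDH*
 load_dh_file(intkeylength)
 {
 FILE*fp;
@@ -559,7 +558,7 @@ load_dh_file(int keylength)
 *To prevent problems if the DH parameters files don't even
 *exist, we can load DH parameters hardcoded into this file.
 */
-staticDH*
+staticDH*
 load_dh_buffer(constchar*buffer,size_tlen)
 {
 BIO*bio;
@@ -579,7 +578,7 @@ load_dh_buffer(const char *buffer, size_t len)
 }
 
 /*
-*Generate anempheral DH key. Because this can take a long
+*Generate anephemeral DH key. Because this can take a long
 *time to compute, we can use precomputed parameters of the
 *common key sizes.
 *
@@ -591,7 +590,7 @@ load_dh_buffer(const char *buffer, size_t len)
 *the OpenSSL library can efficiently generate random keys from
 *the information provided.
 */
-staticDH*
+staticDH*
 tmp_dh_cb(SSL*s,intis_export,intkeylength)
 {
 DH*r=NULL;
@@ -737,7 +736,7 @@ initialize_SSL(void)
 SSLerrmessage())));
 
 /*
-* Load and verify certificate and private key
+* Load and verifyserver'scertificate and private key
 */
 if (SSL_CTX_use_certificate_chain_file(SSL_context,
 SERVER_CERT_FILE)!=1)
@@ -782,62 +781,59 @@ initialize_SSL(void)
 SSLerrmessage())));
 }
 
-/* set upempheral DH keys */
+/* set upephemeral DH keys, and disallow SSL v2 while at it */
 SSL_CTX_set_tmp_dh_callback(SSL_context,tmp_dh_cb);
 SSL_CTX_set_options(SSL_context,SSL_OP_SINGLE_DH_USE |SSL_OP_NO_SSLv2);
 
-/*setup the allowed cipher list */
+/*set up the allowed cipher list */
 if (SSL_CTX_set_cipher_list(SSL_context,SSLCipherSuites)!=1)
 elog(FATAL,"could not set the cipher list (no valid ciphers available)");
 
 /*
 * Attempt to load CA store, so we can verify client certificates if
 * needed.
 */
-if (access(ROOT_CERT_FILE,R_OK))
-{
-ssl_loaded_verify_locations= false;
+ssl_loaded_verify_locations= false;
 
+if (access(ROOT_CERT_FILE,R_OK)!=0)
+{
 /*
-* If root certificate file simply not found. Don't log an error here,
+* If root certificate file simply not found, don't log an error here,
 * because it's quite likely the user isn't planning on using client
 * certificates. If we can't access it for other reasons, it is an
 * error.
 */
 if (errno!=ENOENT)
-{
 ereport(FATAL,
 (errmsg("could not access root certificate file \"%s\": %m",
 ROOT_CERT_FILE)));
-}
 }
 elseif (SSL_CTX_load_verify_locations(SSL_context,ROOT_CERT_FILE,NULL)!=1||
 (root_cert_list=SSL_load_client_CA_file(ROOT_CERT_FILE))==NULL)
 {
 /*
 * File was there, but we could not load it. This means the file is
-* somehow broken, and we cannot do verification at all - so abort
-* here.
+* somehow broken, and we cannot do verification at all - so fail.
 */
-ssl_loaded_verify_locations= false;
 ereport(FATAL,
 (errmsg("could not load root certificate file \"%s\": %s",
 ROOT_CERT_FILE,SSLerrmessage())));
 }
 else
 {
-/*
-*Check the Certificate Revocation List (CRL) if file exists.
-* http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci803160,
-* 00.html
+/*----------
+*Load the Certificate Revocation List (CRL) if file exists.
+* http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci803160,00.html
+*----------
 */
 X509_STORE*cvstore=SSL_CTX_get_cert_store(SSL_context);
 
 if (cvstore)
 {
 /* Set the flags to check against the complete CRL chain */
 if (X509_STORE_load_locations(cvstore,ROOT_CRL_FILE,NULL)==1)
-/* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */
+{
+/* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */
 #ifdefX509_V_FLAG_CRL_CHECK
 X509_STORE_set_flags(cvstore,
 X509_V_FLAG_CRL_CHECK |X509_V_FLAG_CRL_CHECK_ALL);
@@ -847,6 +843,7 @@ initialize_SSL(void)
 ROOT_CRL_FILE),
 errdetail("SSL library does not support certificate revocation lists.")));
 #endif
+}
 else
 {
 /* Not fatal - we do not require CRL */
@@ -858,14 +855,15 @@ initialize_SSL(void)
 
 /*
 * Always ask for SSL client cert, but don't fail if it's not
-* presented.We'llfaillater in this case, based on what we find
-* in pg_hba.conf.
+* presented. We mightfailsuch connections later, depending on
+*what we findin pg_hba.conf.
 */
 SSL_CTX_set_verify(SSL_context,
 (SSL_VERIFY_PEER |
 SSL_VERIFY_CLIENT_ONCE),
 verify_cb);
 
+/* Set flag to remember CA store is successfully loaded */
 ssl_loaded_verify_locations= true;
 }
 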
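Review bot: The CRL path in the `@@ -782,62 +781,59 @@` and `@@ -847,6 +843,7 @@` hunks fails open, unlike the root-certificate path just above it. Any failure of `X509_STORE_load_locations(cvstore, ROOT_CRL_FILE, NULL)` falls into the `/* Not fatal - we do not require CRL */` branch, so a CRL that exists but is unreadable or malformed appears to be handled like one that was never configured, and revoked client certificates would then still verify. The root-certificate handling already separates "absent" from "broken" with `access(ROOT_CERT_FILE, R_OK)` and `errno != ENOENT`. The same probe on the CRL, `if (access(ROOT_CRL_FILE, R_OK) != 0 && errno != ENOENT)` reported at FATAL, plus treating a load failure of an existing file as fatal, would leave only a missing CRL on the non-fatal branch. The body of that else branch and the `#else` arm carrying "SSL library does not support certificate revocation lists." fall between hunks, so their log levels should be confirmed first; initialize_SSL itself starts and ends outside the visible hunks.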