Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitf1b3d5b

Browse files
committed
Remove unused function SSL_CTX_set_tmp_dh_callback() from libpq:
In the SSL code in libpq it does some processing with DH parameters:SSL_CTX_set_tmp_dh_callback()This function is marked as server use only[1], the client always usesthe DH parameters in the server, so all the code in the client dealingwith the DH parameters is useless. This patch removes it.It's not clear why the code was added in the first place, it's beenthere almost since the beginning[2]. At the time there was a suggestionof merging the front-end and backend SSL code, but looking at thechanges since, that seems unlikely.As a further example, the s_server program allows you to specify DHparams, but s_client doesn't. In the GnuTLS documentation undergnutls_dh_params_generate2() it says[3]: Also note that the DH parameters are only useful to servers. Since clients use the parameters sent by the server, it's of no use to call this in client side.
1 parent02eb8f4 commitf1b3d5b

File tree

1 file changed

+1
-207
lines changed

1 file changed

+1
-207
lines changed

‎src/interfaces/libpq/fe-secure.c

Lines changed: 1 addition & 207 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111
*
1212
*
1313
* IDENTIFICATION
14-
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.75 2006/03/05 15:59:09 momjian Exp $
14+
* $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.76 2006/04/27 00:36:34 momjian Exp $
1515
*
1616
* NOTES
1717
* [ Most of these notes are wrong/obsolete, but perhaps not all ]
@@ -116,7 +116,6 @@
116116

117117
#ifdefUSE_SSL
118118
#include<openssl/ssl.h>
119-
#include<openssl/dh.h>
120119
#endif/* USE_SSL */
121120

122121

@@ -126,22 +125,17 @@
126125
#defineUSERCERTFILE".postgresql/postgresql.crt"
127126
#defineUSERKEYFILE".postgresql/postgresql.key"
128127
#defineROOTCERTFILE".postgresql/root.crt"
129-
#defineDHFILEPATTERN"%s/.postgresql/dh%d.pem"
130128
#else
131129
/* On Windows, the "home" directory is already PostgreSQL-specific */
132130
#defineUSERCERTFILE"postgresql.crt"
133131
#defineUSERKEYFILE"postgresql.key"
134132
#defineROOTCERTFILE"root.crt"
135-
#defineDHFILEPATTERN"%s/dh%d.pem"
136133
#endif
137134

138135
#ifdefNOT_USED
139136
staticintverify_peer(PGconn*);
140137
#endif
141138
staticintverify_cb(intok,X509_STORE_CTX*ctx);
142-
staticDH*load_dh_file(intkeylength);
143-
staticDH*load_dh_buffer(constchar*,size_t);
144-
staticDH*tmp_dh_cb(SSL*s,intis_export,intkeylength);
145139
staticintclient_cert_cb(SSL*,X509**,EVP_PKEY**);
146140
staticintinit_ssl_system(PGconn*conn);
147141
staticintinitialize_SSL(PGconn*);
@@ -158,62 +152,6 @@ static bool pq_initssllib = true;
158152
staticSSL_CTX*SSL_context=NULL;
159153
#endif
160154

161-
/* ------------------------------------------------------------ */
162-
/* Hardcoded values*/
163-
/* ------------------------------------------------------------ */
164-
165-
/*
166-
*Hardcoded DH parameters, used in empheral DH keying.
167-
*As discussed above, EDH protects the confidentiality of
168-
*sessions even if the static private key is compromised,
169-
*so we are *highly* motivated to ensure that we can use
170-
*EDH even if the user... or an attacker... deletes the
171-
*~/.postgresql/dh*.pem files.
172-
*
173-
*It's not critical that users have EPH keys, but it doesn't
174-
*hurt and if it's missing someone will demand it, so....
175-
*/
176-
#ifdefUSE_SSL
177-
178-
staticconstcharfile_dh512[]=
179-
"-----BEGIN DH PARAMETERS-----\n\
180-
MEYCQQD1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6ypUM2Zafq9AKUJsCRtMIPWak\n\
181-
XUGfnHy9iUsiGSa6q6Jew1XpKgVfAgEC\n\
182-
-----END DH PARAMETERS-----\n";
183-
184-
staticconstcharfile_dh1024[]=
185-
"-----BEGIN DH PARAMETERS-----\n\
186-
MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY\n\
187-
jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6\n\
188-
ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC\n\
189-
-----END DH PARAMETERS-----\n";
190-
191-
staticconstcharfile_dh2048[]=
192-
"-----BEGIN DH PARAMETERS-----\n\
193-
MIIBCAKCAQEA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV\n\
194-
89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50\n\
195-
T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb\n\
196-
zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX\n\
197-
Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT\n\
198-
CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwIBAg==\n\
199-
-----END DH PARAMETERS-----\n";
200-
201-
staticconstcharfile_dh4096[]=
202-
"-----BEGIN DH PARAMETERS-----\n\
203-
MIICCAKCAgEA+hRyUsFN4VpJ1O8JLcCo/VWr19k3BCgJ4uk+d+KhehjdRqNDNyOQ\n\
204-
l/MOyQNQfWXPeGKmOmIig6Ev/nm6Nf9Z2B1h3R4hExf+zTiHnvVPeRBhjdQi81rt\n\
205-
Xeoh6TNrSBIKIHfUJWBh3va0TxxjQIs6IZOLeVNRLMqzeylWqMf49HsIXqbcokUS\n\
206-
Vt1BkvLdW48j8PPv5DsKRN3tloTxqDJGo9tKvj1Fuk74A+Xda1kNhB7KFlqMyN98\n\
207-
VETEJ6c7KpfOo30mnK30wqw3S8OtaIR/maYX72tGOno2ehFDkq3pnPtEbD2CScxc\n\
208-
alJC+EL7RPk5c/tgeTvCngvc1KZn92Y//EI7G9tPZtylj2b56sHtMftIoYJ9+ODM\n\
209-
sccD5Piz/rejE3Ome8EOOceUSCYAhXn8b3qvxVI1ddd1pED6FHRhFvLrZxFvBEM9\n\
210-
ERRMp5QqOaHJkM+Dxv8Cj6MqrCbfC4u+ZErxodzuusgDgvZiLF22uxMZbobFWyte\n\
211-
OvOzKGtwcTqO/1wV5gKkzu1ZVswVUQd5Gg8lJicwqRWyyNRczDDoG9jVDxmogKTH\n\
212-
AaqLulO7R8Ifa1SwF2DteSGVtgWEN8gDpN3RBmmPTDngyF2DHb5qmpnznwtFKdTL\n\
213-
KWbuHn491xNO25CQWMtem80uKw+pTnisBRF/454n1Jnhub144YRBoN8CAQI=\n\
214-
-----END DH PARAMETERS-----\n";
215-
#endif
216-
217155
/* ------------------------------------------------------------ */
218156
/* Procedures common to all secure sessions*/
219157
/* ------------------------------------------------------------ */
@@ -621,146 +559,6 @@ verify_peer(PGconn *conn)
621559
}
622560
#endif/* NOT_USED */
623561

624-
/*
625-
*Load precomputed DH parameters.
626-
*
627-
*To prevent "downgrade" attacks, we perform a number of checks
628-
*to verify that the DBA-generated DH parameters file contains
629-
*what we expect it to contain.
630-
*/
631-
staticDH*
632-
load_dh_file(intkeylength)
633-
{
634-
charhomedir[MAXPGPATH];
635-
charfnbuf[MAXPGPATH];
636-
FILE*fp;
637-
DH*dh;
638-
intcodes;
639-
640-
if (!pqGetHomeDirectory(homedir,sizeof(homedir)))
641-
returnNULL;
642-
643-
/* attempt to open file. It's not an error if it doesn't exist. */
644-
snprintf(fnbuf,sizeof(fnbuf),DHFILEPATTERN,homedir,keylength);
645-
646-
if ((fp=fopen(fnbuf,"r"))==NULL)
647-
returnNULL;
648-
649-
/*flock(fileno(fp), LOCK_SH); */
650-
dh=PEM_read_DHparams(fp,NULL,NULL,NULL);
651-
/*flock(fileno(fp), LOCK_UN); */
652-
fclose(fp);
653-
654-
/* is the prime the correct size? */
655-
if (dh!=NULL&&8*DH_size(dh)<keylength)
656-
dh=NULL;
657-
658-
/* make sure the DH parameters are usable */
659-
if (dh!=NULL)
660-
{
661-
if (DH_check(dh,&codes))
662-
returnNULL;
663-
if (codes&DH_CHECK_P_NOT_PRIME)
664-
returnNULL;
665-
if ((codes&DH_NOT_SUITABLE_GENERATOR)&&
666-
(codes&DH_CHECK_P_NOT_SAFE_PRIME))
667-
returnNULL;
668-
}
669-
670-
returndh;
671-
}
672-
673-
/*
674-
*Load hardcoded DH parameters.
675-
*
676-
*To prevent problems if the DH parameters files don't even
677-
*exist, we can load DH parameters hardcoded into this file.
678-
*/
679-
staticDH*
680-
load_dh_buffer(constchar*buffer,size_tlen)
681-
{
682-
BIO*bio;
683-
DH*dh=NULL;
684-
685-
bio=BIO_new_mem_buf((char*)buffer,len);
686-
if (bio==NULL)
687-
returnNULL;
688-
dh=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
689-
BIO_free(bio);
690-
691-
returndh;
692-
}
693-
694-
/*
695-
*Generate an empheral DH key. Because this can take a long
696-
*time to compute, we can use precomputed parameters of the
697-
*common key sizes.
698-
*
699-
*Since few sites will bother to precompute these parameter
700-
*files, we also provide a fallback to the parameters provided
701-
*by the OpenSSL project.
702-
*
703-
*These values can be static (once loaded or computed) since
704-
*the OpenSSL library can efficiently generate random keys from
705-
*the information provided.
706-
*/
707-
staticDH*
708-
tmp_dh_cb(SSL*s,intis_export,intkeylength)
709-
{
710-
DH*r=NULL;
711-
staticDH*dh=NULL;
712-
staticDH*dh512=NULL;
713-
staticDH*dh1024=NULL;
714-
staticDH*dh2048=NULL;
715-
staticDH*dh4096=NULL;
716-
717-
switch (keylength)
718-
{
719-
case512:
720-
if (dh512==NULL)
721-
dh512=load_dh_file(keylength);
722-
if (dh512==NULL)
723-
dh512=load_dh_buffer(file_dh512,sizeoffile_dh512);
724-
r=dh512;
725-
break;
726-
727-
case1024:
728-
if (dh1024==NULL)
729-
dh1024=load_dh_file(keylength);
730-
if (dh1024==NULL)
731-
dh1024=load_dh_buffer(file_dh1024,sizeoffile_dh1024);
732-
r=dh1024;
733-
break;
734-
735-
case2048:
736-
if (dh2048==NULL)
737-
dh2048=load_dh_file(keylength);
738-
if (dh2048==NULL)
739-
dh2048=load_dh_buffer(file_dh2048,sizeoffile_dh2048);
740-
r=dh2048;
741-
break;
742-
743-
case4096:
744-
if (dh4096==NULL)
745-
dh4096=load_dh_file(keylength);
746-
if (dh4096==NULL)
747-
dh4096=load_dh_buffer(file_dh4096,sizeoffile_dh4096);
748-
r=dh4096;
749-
break;
750-
751-
default:
752-
if (dh==NULL)
753-
dh=load_dh_file(keylength);
754-
r=dh;
755-
}
756-
757-
/* this may take a long time, but it may be necessary... */
758-
if (r==NULL||8*DH_size(r)<keylength)
759-
r=DH_generate_parameters(keylength,DH_GENERATOR_2,NULL,NULL);
760-
761-
returnr;
762-
}
763-
764562
/*
765563
*Callback used by SSL to load client cert and key.
766564
*This callback is only called when the server wants a
@@ -1001,10 +799,6 @@ initialize_SSL(PGconn *conn)
1001799
}
1002800
}
1003801

1004-
/* set up empheral DH keys */
1005-
SSL_CTX_set_tmp_dh_callback(SSL_context,tmp_dh_cb);
1006-
SSL_CTX_set_options(SSL_context,SSL_OP_SINGLE_DH_USE);
1007-
1008802
/* set up mechanism to provide client certificate, if available */
1009803
SSL_CTX_set_client_cert_cb(SSL_context,client_cert_cb);
1010804

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp