
Back-patch addition of ssl_renegotiation_limit into 7.4 through 8.1.

Tom Lane
2010-02-25 23:45:29 +00:00
parent a0b3d52af1
commit 8b33d83cc5
4 changed files with 46 additions and 6 deletions


@@ -1,5 +1,5 @@
<!-- <!--
$Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.215.2.10 2007/04/20 02:38:46 tgl Exp $ $Header: /cvsroot/pgsql/doc/src/sgml/runtime.sgml,v 1.215.2.11 2010/02/25 23:45:28 tgl Exp $
--> -->
<Chapter Id="runtime"> <Chapter Id="runtime">
@@ -755,6 +755,32 @@ SET ENABLE_SEQSCAN TO OFF;
</listitem> </listitem>
</varlistentry> </varlistentry>
<varlistentry>
<term><varname>ssl_renegotiation_limit</varname> (<type>int</type>)</term>
<indexterm>
<primary><varname>ssl_renegotiation_limit</> configuration parameter</primary>
</indexterm>
<listitem>
<para>
Specifies how much data can flow over an <acronym>SSL</> encrypted connection
before renegotiation of the session will take place. Renegotiation of the
session decreases the chance of doing cryptanalysis when large amounts of data
are sent, but it also carries a large performance penalty. The sum of
sent and received traffic is used to check the limit. If the parameter is
set to 0, renegotiation is disabled. The default is <literal>512MB</>.
</para>
<note>
<para>
SSL libraries from before November 2009 are insecure when using SSL
renegotiation, due to a vulnerability in the SSL protocol. As a stop-gap fix
for this vulnerability, some vendors also shipped SSL libraries incapable
of doing renegotiation. If any of these libraries are in use on the client
or server, SSL renegotiation should be disabled.
</para>
</note>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><varname>password_encryption</varname> (<type>boolean</type>)</term> <term><varname>password_encryption</varname> (<type>boolean</type>)</term>
<listitem> <listitem>


@@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43.2.6 2009/12/09 06:37:09 mha Exp $ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43.2.7 2010/02/25 23:45:28 tgl Exp $
* *
* Since the server static private key ($DataDir/server.key) * Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database * will normally be stored unencrypted so that the database
@@ -112,14 +112,16 @@ static void close_SSL(Port *);
static const char *SSLerrmessage(void); static const char *SSLerrmessage(void);
#endif #endif
#ifdef USE_SSL
/* /*
* How much data can be sent across a secure connection * How much data can be sent across a secure connection
* (total in both directions) before we require renegotiation. * (total in both directions) before we require renegotiation.
* Set to 0 to disable renegotiation completely.
*/ */
#define RENEGOTIATION_LIMIT (512 * 1024 * 1024) int ssl_renegotiation_limit;
#define CA_PATH NULL #define CA_PATH NULL
#ifdef USE_SSL
static SSL_CTX *SSL_context = NULL; static SSL_CTX *SSL_context = NULL;
#endif #endif
@@ -318,7 +320,7 @@ secure_write(Port *port, void *ptr, size_t len)
#ifdef USE_SSL #ifdef USE_SSL
if (port->ssl) if (port->ssl)
{ {
if (port->count > RENEGOTIATION_LIMIT) if (ssl_renegotiation_limit && port->count > ssl_renegotiation_limit * 1024L)
{ {
SSL_set_session_id_context(port->ssl, (void *) &SSL_context, SSL_set_session_id_context(port->ssl, (void *) &SSL_context,
sizeof(SSL_context)); sizeof(SSL_context));
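Review bot: The comment above `int ssl_renegotiation_limit;` does not say which unit the variable holds, while the new test in secure_write scales it with `* 1024L`, so the kilobyte unit has to be inferred from the comparison. I would add a comment line such as `* The value is in kilobytes; guc.c caps it at INT_MAX / 1024 so the scaled limit fits in a long.`, because the multiplication stays overflow-free only thanks to the cap in this commit's guc.c entry. The type of `port->count` is not visible here, so whether the comparison mixes signed and unsigned operands should be checked against the Port declaration. secure_write's body starts and ends outside the hunk.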


@@ -10,7 +10,7 @@
* Written by Peter Eisentraut <peter_e@gmx.net>. * Written by Peter Eisentraut <peter_e@gmx.net>.
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.164.2.7 2009/12/09 21:59:07 tgl Exp $ * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.164.2.8 2010/02/25 23:45:28 tgl Exp $
* *
*-------------------------------------------------------------------- *--------------------------------------------------------------------
*/ */
@@ -75,6 +75,7 @@ extern int CheckPointTimeout;
extern int CommitDelay; extern int CommitDelay;
extern int CommitSiblings; extern int CommitSiblings;
extern char *preload_libraries_string; extern char *preload_libraries_string;
extern int ssl_renegotiation_limit;
#ifdef HAVE_SYSLOG #ifdef HAVE_SYSLOG
extern char *Syslog_facility; extern char *Syslog_facility;
@@ -976,6 +977,15 @@ static struct config_int ConfigureNamesInt[] =
DEF_PGPORT, 1, 65535, NULL, NULL DEF_PGPORT, 1, 65535, NULL, NULL
}, },
{
{"ssl_renegotiation_limit", PGC_USERSET, CONN_AUTH_SECURITY,
gettext_noop("Set the amount of traffic to send and receive before renegotiating the encryption keys."),
NULL
},
&ssl_renegotiation_limit,
512 * 1024, 0, INT_MAX / 1024, NULL, NULL
},
{ {
{"unix_socket_permissions", PGC_POSTMASTER, CONN_AUTH_SETTINGS, {"unix_socket_permissions", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Sets the access permissions of the Unix-domain socket."), gettext_noop("Sets the access permissions of the Unix-domain socket."),
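Review bot: The new `ssl_renegotiation_limit` entry passes `NULL` as its long description, so nothing in the GUC text says that the value is in kilobytes or that 0 turns renegotiation off. I would replace the `NULL` with something like `gettext_noop("The value is in kilobytes; 0 disables renegotiation.")`, and change "Set" to "Sets" to match the neighbouring descriptions. The entry is `PGC_USERSET`, which appears to let any session change or disable renegotiation for its own connection. If that is intended for clients whose SSL library cannot renegotiate, a short comment saying so would help the next reader. The ConfigureNamesInt array starts and ends outside the hunk.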


@@ -44,6 +44,8 @@
#authentication_timeout = 60 # 1-600, in seconds #authentication_timeout = 60 # 1-600, in seconds
#ssl = false #ssl = false
#ssl_renegotiation_limit = 524288 # amount of data between renegotiations
# in kilobytes
#password_encryption = true #password_encryption = true
#krb_server_keyfile = '' #krb_server_keyfile = ''
#db_user_namespace = false #db_user_namespace = false