database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-07-30 11:03:19 +03:00
Code Activity

SSL patch to periodically renegotiate session key.

Browse Source 
In order to reduce the risk of cryptanalysis during extended
sessions (or brief ones involving a substantial amount of data),
this patch renegotiates the session key after 64kib has been
transferred.

Bear Giles
This commit is contained in:
Bruce Momjian
2002-06-14 04:33:53 +00:00
parent 55d053233c
commit 8f44024639
2 changed files with 31 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/backend/libpq/be-secure.c
View File

@ -11,7 +11,7 @@
* *
* *
* IDENTIFICATION * IDENTIFICATION
* $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.2 2002/06/14 04:31:49 momjian Exp $ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.3 2002/06/14 04:33:53 momjian Exp $
* *
* Since the server static private key ($DataDir/server.key) * Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database * will normally be stored unencrypted so that the database
@ -39,6 +39,12 @@
* session. In this case you'll need to temporarily disable * session. In this case you'll need to temporarily disable
* EDH by commenting out the callback. * EDH by commenting out the callback.
* *
* ...
*
* Because the risk of cryptanalysis increases as large
* amounts of data are sent with the same session key, the
* session keys are periodically renegotiated.
*
* PATCH LEVEL * PATCH LEVEL
* milestone 1: fix basic coding errors * milestone 1: fix basic coding errors
* [*] existing SSL code pulled out of existing files. * [*] existing SSL code pulled out of existing files.
@ -52,7 +58,7 @@
* milestone 3: improve confidentially, support perfect forward secrecy * milestone 3: improve confidentially, support perfect forward secrecy
* [ ] use 'random' file, read from '/dev/urandom?' * [ ] use 'random' file, read from '/dev/urandom?'
* [*] emphermal DH keys, default values * [*] emphermal DH keys, default values
* [ ] periodic renegotiation * [*] periodic renegotiation
* [ ] private key permissions * [ ] private key permissions
* *
* milestone 4: provide endpoint authentication (client) * milestone 4: provide endpoint authentication (client)
@ -126,6 +132,12 @@ static const char *SSLerrmessage(void);
#endif #endif
#ifdef USE_SSL #ifdef USE_SSL
/*
* How much data can be sent across a secure connection
* (total in both directions) before we require renegotiation.
*/
#define RENEGOTIATION_LIMIT (64 * 1024)
static SSL_CTX *SSL_context = NULL; static SSL_CTX *SSL_context = NULL;
#endif #endif
@ -261,10 +273,17 @@ secure_read (Port *port, void *ptr, size_t len)
#ifdef USE_SSL #ifdef USE_SSL
if (port->ssl) if (port->ssl)
{ {
if (port->count > RENEGOTIATION_LIMIT)
{
SSL_renegotiate(port->ssl);
port->count = 0;
}
n = SSL_read(port->ssl, ptr, len); n = SSL_read(port->ssl, ptr, len);
switch (SSL_get_error(port->ssl, n)) switch (SSL_get_error(port->ssl, n))
{ {
case SSL_ERROR_NONE: case SSL_ERROR_NONE:
port->count += n;
break; break;
case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_READ:
break; break;
@ -304,10 +323,17 @@ secure_write (Port *port, const void *ptr, size_t len)
#ifdef USE_SSL #ifdef USE_SSL
if (port->ssl) if (port->ssl)
{ {
if (port->count > RENEGOTIATION_LIMIT)
{
SSL_renegotiate(port->ssl);
port->count = 0;
}
n = SSL_write(port->ssl, ptr, len); n = SSL_write(port->ssl, ptr, len);
switch (SSL_get_error(port->ssl, n)) switch (SSL_get_error(port->ssl, n))
{ {
case SSL_ERROR_NONE: case SSL_ERROR_NONE:
port->count += n;
break; break;
case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_WRITE:
break; break;
@ -574,6 +600,7 @@ open_server_SSL (Port *port)
close_SSL(port); close_SSL(port);
return -1; return -1;
} }
port->count = 0;
return 0; return 0;
} }

3
src/include/libpq/libpq-be.h
View File

@ -11,7 +11,7 @@
* Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California * Portions Copyright (c) 1994, Regents of the University of California
* *
* $Id: libpq-be.h,v 1.29 2002/06/14 04:09:37 momjian Exp $ * $Id: libpq-be.h,v 1.30 2002/06/14 04:33:53 momjian Exp $
* *
*------------------------------------------------------------------------- *-------------------------------------------------------------------------
*/ */
@ -70,6 +70,7 @@ typedef struct Port
*/ */
#ifdef USE_SSL #ifdef USE_SSL
SSL *ssl; SSL *ssl;
unsigned long count;
#endif #endif
} Port; } Port;