Attached are a revised set of SSL patches. Many of these patches

are motivated by security concerns, it's not just bug fixes.  The key
differences (from stock 7.2.1) are:

*) almost all code that directly uses the OpenSSL library is in two
   new files,

     src/interfaces/libpq/fe-ssl.c
     src/backend/postmaster/be-ssl.c

   in the long run, it would be nice to merge these two files.

*) the legacy code to read and write network data have been
   encapsulated into read_SSL() and write_SSL().  These functions
   should probably be renamed - they handle both SSL and non-SSL
   cases.

   the remaining code should eliminate the problems identified
   earlier, albeit not very cleanly.

*) both front- and back-ends will send a SSL shutdown via the
   new close_SSL() function.  This is necessary for sessions to
   work properly.

   (Sessions are not yet fully supported, but by cleanly closing
   the SSL connection instead of just sending a TCP FIN packet
   other SSL tools will be much happier.)

*) The client certificate and key are now expected in a subdirectory
   of the user's home directory.  Specifically,

	- the directory .postgresql must be owned by the user, and
	  allow no access by 'group' or 'other.'

	- the file .postgresql/postgresql.crt must be a regular file
	  owned by the user.

	- the file .postgresql/postgresql.key must be a regular file
	  owned by the user, and allow no access by 'group' or 'other'.

   At the current time encrypted private keys are not supported.
   There should also be a way to support multiple client certs/keys.

*) the front-end performs minimal validation of the back-end cert.
   Self-signed certs are permitted, but the common name *must*
   match the hostname used by the front-end.  (The cert itself
   should always use a fully qualified domain name (FDQN) in its
   common name field.)

   This means that

	  psql -h eris db

   will fail, but

	  psql -h eris.example.com db

   will succeed.  At the current time this must be an exact match;
   future patches may support any FQDN that resolves to the address
   returned by getpeername(2).

   Another common "problem" is expiring certs.  For now, it may be
   a good idea to use a very-long-lived self-signed cert.

   As a compile-time option, the front-end can specify a file
   containing valid root certificates, but it is not yet required.

*) the back-end performs minimal validation of the client cert.
   It allows self-signed certs.  It checks for expiration.  It
   supports a compile-time option specifying a file containing
   valid root certificates.

*) both front- and back-ends default to TLSv1, not SSLv3/SSLv2.

*) both front- and back-ends support DSA keys.  DSA keys are
   moderately more expensive on startup, but many people consider
   them preferable than RSA keys.  (E.g., SSH2 prefers DSA keys.)

*) if /dev/urandom exists, both client and server will read 16k
   of randomization data from it.

*) the server can read empheral DH parameters from the files

     $DataDir/dh512.pem
     $DataDir/dh1024.pem
     $DataDir/dh2048.pem
     $DataDir/dh4096.pem

   if none are provided, the server will default to hardcoded
   parameter files provided by the OpenSSL project.

Remaining tasks:

*) the select() clauses need to be revisited - the SSL abstraction
   layer may need to absorb more of the current code to avoid rare
   deadlock conditions.  This also touches on a true solution to
   the pg_eof() problem.

*) the SIGPIPE signal handler may need to be revisited.

*) support encrypted private keys.

*) sessions are not yet fully supported.  (SSL sessions can span
   multiple "connections," and allow the client and server to avoid
   costly renegotiations.)

*) makecert - a script that creates back-end certs.

*) pgkeygen - a tool that creates front-end certs.

*) the whole protocol issue, SASL, etc.

 *) certs are fully validated - valid root certs must be available.
    This is a hassle, but it means that you *can* trust the identity
    of the server.

 *) the client library can handle hardcoded root certificates, to
    avoid the need to copy these files.

 *) host name of server cert must resolve to IP address, or be a
    recognized alias.  This is more liberal than the previous
    iteration.

 *) the number of bytes transferred is tracked, and the session
    key is periodically renegotiated.

 *) basic cert generation scripts (mkcert.sh, pgkeygen.sh).  The
    configuration files have reasonable defaults for each type
    of use.

Bear Giles

1 files changed, 17 insertions, 33 deletions

diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c
index 643c81055fc..64a05c8dbe5 100644
--- a/src/interfaces/libpq/fe-misc.c
+++ b/src/interfaces/libpq/fe-misc.c
@@ -25,7 +25,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.70 2002/04/24 02:26:06 momjian Exp $
+ *	  $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.71 2002/06/14 03:56:47 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -55,6 +55,13 @@
 #include "mb/pg_wchar.h"
 #endif
 
+/* these functions are misnamed - they handle both SSL and non-SSL case */
+extern ssize_t read_SSL (PGconn *, void *ptr, size_t);
+extern ssize_t write_SSL (PGconn *, const void *ptr, size_t);
+
+#ifdef USE_SSL
+extern ssize_t close_SSL (PGconn *);
+#endif
 
 #define DONOTICE(conn,message) \
 	((*(conn)->noticeHook) ((conn)->noticeArg, (message)))
@@ -477,14 +484,8 @@ pqReadData(PGconn *conn)
 
 	/* OK, try to read some data */
 retry3:
-#ifdef USE_SSL
-	if (conn->ssl)
-		nread = SSL_read(conn->ssl, conn->inBuffer + conn->inEnd,
-						 conn->inBufSize - conn->inEnd);
-	else
-#endif
-		nread = recv(conn->sock, conn->inBuffer + conn->inEnd,
-					 conn->inBufSize - conn->inEnd, 0);
+	nread = read_SSL(conn, conn->inBuffer + conn->inEnd,
+					 conn->inBufSize - conn->inEnd);
 	if (nread < 0)
 	{
 		if (SOCK_ERRNO == EINTR)
@@ -563,14 +564,8 @@ retry3:
 	 * arrived.
 	 */
 retry4:
-#ifdef USE_SSL
-	if (conn->ssl)
-		nread = SSL_read(conn->ssl, conn->inBuffer + conn->inEnd,
-						 conn->inBufSize - conn->inEnd);
-	else
-#endif
-		nread = recv(conn->sock, conn->inBuffer + conn->inEnd,
-					 conn->inBufSize - conn->inEnd, 0);
+	nread = read_SSL(conn, conn->inBuffer + conn->inEnd,
+					 conn->inBufSize - conn->inEnd);
 	if (nread < 0)
 	{
 		if (SOCK_ERRNO == EINTR)
@@ -611,6 +606,9 @@ definitelyFailed:
 			   "\tThis probably means the server terminated abnormally\n"
 						 "\tbefore or while processing the request.\n"));
 	conn->status = CONNECTION_BAD;		/* No more connection to backend */
+#ifdef USE_SSL
+	close_SSL(conn);
+#endif
 #ifdef WIN32
 	closesocket(conn->sock);
 #else
@@ -650,23 +648,9 @@ pqSendSome(PGconn *conn)
 	/* while there's still data to send */
 	while (len > 0)
 	{
-		/* Prevent being SIGPIPEd if backend has closed the connection. */
-#ifndef WIN32
-		pqsigfunc	oldsighandler = pqsignal(SIGPIPE, SIG_IGN);
-#endif
-
 		int			sent;
 
-#ifdef USE_SSL
-		if (conn->ssl)
-			sent = SSL_write(conn->ssl, ptr, len);
-		else
-#endif
-			sent = send(conn->sock, ptr, len, 0);
-
-#ifndef WIN32
-		pqsignal(SIGPIPE, oldsighandler);
-#endif
+		sent = write_SSL(conn, ptr, len);
 
 		if (sent < 0)
 		{
@@ -732,7 +716,7 @@ pqSendSome(PGconn *conn)
 			 */
 #ifdef USE_SSL
 			/* can't do anything for our SSL users yet */
-			if (conn->ssl == NULL)
+			if (PQgetssl(conn) == NULL)
 			{
 #endif
 				if (pqIsnonblocking(conn))