From 19570420f5318343ed7a263cc6046fd5605b22cc Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Fri, 14 Jun 2002 04:23:17 +0000 Subject: UPDATED PATCH: Attached are a revised set of SSL patches. Many of these patches are motivated by security concerns, it's not just bug fixes. The key differences (from stock 7.2.1) are: *) almost all code that directly uses the OpenSSL library is in two new files, src/interfaces/libpq/fe-ssl.c src/backend/postmaster/be-ssl.c in the long run, it would be nice to merge these two files. *) the legacy code to read and write network data have been encapsulated into read_SSL() and write_SSL(). These functions should probably be renamed - they handle both SSL and non-SSL cases. the remaining code should eliminate the problems identified earlier, albeit not very cleanly. *) both front- and back-ends will send a SSL shutdown via the new close_SSL() function. This is necessary for sessions to work properly. (Sessions are not yet fully supported, but by cleanly closing the SSL connection instead of just sending a TCP FIN packet other SSL tools will be much happier.) *) The client certificate and key are now expected in a subdirectory of the user's home directory. Specifically, - the directory .postgresql must be owned by the user, and allow no access by 'group' or 'other.' - the file .postgresql/postgresql.crt must be a regular file owned by the user. - the file .postgresql/postgresql.key must be a regular file owned by the user, and allow no access by 'group' or 'other'. At the current time encrypted private keys are not supported. There should also be a way to support multiple client certs/keys. *) the front-end performs minimal validation of the back-end cert. Self-signed certs are permitted, but the common name *must* match the hostname used by the front-end. (The cert itself should always use a fully qualified domain name (FDQN) in its common name field.) This means that psql -h eris db will fail, but psql -h eris.example.com db will succeed. At the current time this must be an exact match; future patches may support any FQDN that resolves to the address returned by getpeername(2). Another common "problem" is expiring certs. For now, it may be a good idea to use a very-long-lived self-signed cert. As a compile-time option, the front-end can specify a file containing valid root certificates, but it is not yet required. *) the back-end performs minimal validation of the client cert. It allows self-signed certs. It checks for expiration. It supports a compile-time option specifying a file containing valid root certificates. *) both front- and back-ends default to TLSv1, not SSLv3/SSLv2. *) both front- and back-ends support DSA keys. DSA keys are moderately more expensive on startup, but many people consider them preferable than RSA keys. (E.g., SSH2 prefers DSA keys.) *) if /dev/urandom exists, both client and server will read 16k of randomization data from it. *) the server can read empheral DH parameters from the files $DataDir/dh512.pem $DataDir/dh1024.pem $DataDir/dh2048.pem $DataDir/dh4096.pem if none are provided, the server will default to hardcoded parameter files provided by the OpenSSL project. Remaining tasks: *) the select() clauses need to be revisited - the SSL abstraction layer may need to absorb more of the current code to avoid rare deadlock conditions. This also touches on a true solution to the pg_eof() problem. *) the SIGPIPE signal handler may need to be revisited. *) support encrypted private keys. *) sessions are not yet fully supported. (SSL sessions can span multiple "connections," and allow the client and server to avoid costly renegotiations.) *) makecert - a script that creates back-end certs. *) pgkeygen - a tool that creates front-end certs. *) the whole protocol issue, SASL, etc. *) certs are fully validated - valid root certs must be available. This is a hassle, but it means that you *can* trust the identity of the server. *) the client library can handle hardcoded root certificates, to avoid the need to copy these files. *) host name of server cert must resolve to IP address, or be a recognized alias. This is more liberal than the previous iteration. *) the number of bytes transferred is tracked, and the session key is periodically renegotiated. *) basic cert generation scripts (mkcert.sh, pgkeygen.sh). The configuration files have reasonable defaults for each type of use. Bear Giles --- src/interfaces/libpq/fe-connect.c | 78 ++++++--------------------------------- 1 file changed, 11 insertions(+), 67 deletions(-) (limited to 'src/interfaces/libpq/fe-connect.c') diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index 02164778b76..414fff329e5 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -8,7 +8,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.185 2002/06/14 04:09:37 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-connect.c,v 1.186 2002/06/14 04:23:17 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -61,9 +61,12 @@ inet_aton(const char *cp, struct in_addr * inp) } #endif - #ifdef USE_SSL -static SSL_CTX *SSL_context = NULL; +extern int secure_initialize(PGconn *); +extern void secure_destroy(void); +extern int secure_open_client(PGconn *); +extern void secure_close(PGconn *); +extern SSL * PQgetssl(PGconn *); #endif #define NOTIFYLIST_INITIAL_SIZE 10 @@ -186,10 +189,6 @@ static char *conninfo_getval(PQconninfoOption *connOptions, static void defaultNoticeProcessor(void *arg, const char *message); static int parseServiceInfo(PQconninfoOption *options, PQExpBuffer errorMessage); -#ifdef USE_SSL -static const char *SSLerrmessage(void); -#endif - /* * Connecting to a Database @@ -969,26 +968,8 @@ retry2: } if (SSLok == 'S') { - if (!SSL_context) + if (secure_initialize(conn) == -1 || secure_open_client(conn) == -1) { - SSL_load_error_strings(); - SSL_library_init(); - SSL_context = SSL_CTX_new(SSLv23_method()); - if (!SSL_context) - { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not create SSL context: %s\n"), - SSLerrmessage()); - goto connect_errReturn; - } - } - if (!(conn->ssl = SSL_new(SSL_context)) || - !SSL_set_fd(conn->ssl, conn->sock) || - SSL_connect(conn->ssl) <= 0) - { - printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("could not establish SSL connection: %s\n"), - SSLerrmessage()); goto connect_errReturn; } /* SSL connection finished. Continue to send startup packet */ @@ -998,6 +979,7 @@ retry2: /* Received error - probably protocol mismatch */ if (conn->Pfdebug) fprintf(conn->Pfdebug, "Postmaster reports error, attempting fallback to pre-7.0.\n"); + secure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -1039,6 +1021,7 @@ retry2: connect_errReturn: if (conn->sock >= 0) { + secure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -1914,8 +1897,7 @@ freePGconn(PGconn *conn) return; pqClearAsyncResult(conn); /* deallocate result and curTuple */ #ifdef USE_SSL - if (conn->ssl) - SSL_free(conn->ssl); + secure_close(conn); #endif if (conn->sock >= 0) { @@ -1992,6 +1974,7 @@ closePGconn(PGconn *conn) */ if (conn->sock >= 0) { + secure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -2641,35 +2624,6 @@ PQconninfoFree(PQconninfoOption *connOptions) } -#ifdef USE_SSL - -/* - * Obtain reason string for last SSL error - * - * Some caution is needed here since ERR_reason_error_string will - * return NULL if it doesn't recognize the error code. We don't - * want to return NULL ever. - */ -static const char * -SSLerrmessage(void) -{ - unsigned long errcode; - const char *errreason; - static char errbuf[32]; - - errcode = ERR_get_error(); - if (errcode == 0) - return "No SSL error reported"; - errreason = ERR_reason_error_string(errcode); - if (errreason != NULL) - return errreason; - snprintf(errbuf, sizeof(errbuf), "SSL error code %lu", errcode); - return errbuf; -} - -#endif /* USE_SSL */ - - /* =========== accessor functions for PGconn ========= */ char * PQdb(const PGconn *conn) @@ -2814,16 +2768,6 @@ PQsetClientEncoding(PGconn *conn, const char *encoding) } #endif -#ifdef USE_SSL -SSL * -PQgetssl(PGconn *conn) -{ - if (!conn) - return NULL; - return conn->ssl; -} -#endif - void PQtrace(PGconn *conn, FILE *debug_port) { -- cgit v1.2.3