From 19570420f5318343ed7a263cc6046fd5605b22cc Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Fri, 14 Jun 2002 04:23:17 +0000 Subject: UPDATED PATCH: Attached are a revised set of SSL patches. Many of these patches are motivated by security concerns, it's not just bug fixes. The key differences (from stock 7.2.1) are: *) almost all code that directly uses the OpenSSL library is in two new files, src/interfaces/libpq/fe-ssl.c src/backend/postmaster/be-ssl.c in the long run, it would be nice to merge these two files. *) the legacy code to read and write network data have been encapsulated into read_SSL() and write_SSL(). These functions should probably be renamed - they handle both SSL and non-SSL cases. the remaining code should eliminate the problems identified earlier, albeit not very cleanly. *) both front- and back-ends will send a SSL shutdown via the new close_SSL() function. This is necessary for sessions to work properly. (Sessions are not yet fully supported, but by cleanly closing the SSL connection instead of just sending a TCP FIN packet other SSL tools will be much happier.) *) The client certificate and key are now expected in a subdirectory of the user's home directory. Specifically, - the directory .postgresql must be owned by the user, and allow no access by 'group' or 'other.' - the file .postgresql/postgresql.crt must be a regular file owned by the user. - the file .postgresql/postgresql.key must be a regular file owned by the user, and allow no access by 'group' or 'other'. At the current time encrypted private keys are not supported. There should also be a way to support multiple client certs/keys. *) the front-end performs minimal validation of the back-end cert. Self-signed certs are permitted, but the common name *must* match the hostname used by the front-end. (The cert itself should always use a fully qualified domain name (FDQN) in its common name field.) This means that psql -h eris db will fail, but psql -h eris.example.com db will succeed. At the current time this must be an exact match; future patches may support any FQDN that resolves to the address returned by getpeername(2). Another common "problem" is expiring certs. For now, it may be a good idea to use a very-long-lived self-signed cert. As a compile-time option, the front-end can specify a file containing valid root certificates, but it is not yet required. *) the back-end performs minimal validation of the client cert. It allows self-signed certs. It checks for expiration. It supports a compile-time option specifying a file containing valid root certificates. *) both front- and back-ends default to TLSv1, not SSLv3/SSLv2. *) both front- and back-ends support DSA keys. DSA keys are moderately more expensive on startup, but many people consider them preferable than RSA keys. (E.g., SSH2 prefers DSA keys.) *) if /dev/urandom exists, both client and server will read 16k of randomization data from it. *) the server can read empheral DH parameters from the files $DataDir/dh512.pem $DataDir/dh1024.pem $DataDir/dh2048.pem $DataDir/dh4096.pem if none are provided, the server will default to hardcoded parameter files provided by the OpenSSL project. Remaining tasks: *) the select() clauses need to be revisited - the SSL abstraction layer may need to absorb more of the current code to avoid rare deadlock conditions. This also touches on a true solution to the pg_eof() problem. *) the SIGPIPE signal handler may need to be revisited. *) support encrypted private keys. *) sessions are not yet fully supported. (SSL sessions can span multiple "connections," and allow the client and server to avoid costly renegotiations.) *) makecert - a script that creates back-end certs. *) pgkeygen - a tool that creates front-end certs. *) the whole protocol issue, SASL, etc. *) certs are fully validated - valid root certs must be available. This is a hassle, but it means that you *can* trust the identity of the server. *) the client library can handle hardcoded root certificates, to avoid the need to copy these files. *) host name of server cert must resolve to IP address, or be a recognized alias. This is more liberal than the previous iteration. *) the number of bytes transferred is tracked, and the session key is periodically renegotiated. *) basic cert generation scripts (mkcert.sh, pgkeygen.sh). The configuration files have reasonable defaults for each type of use. Bear Giles --- src/interfaces/libpq/fe-misc.c | 42 ++++++++++-------------------------------- 1 file changed, 10 insertions(+), 32 deletions(-) (limited to 'src/interfaces/libpq/fe-misc.c') diff --git a/src/interfaces/libpq/fe-misc.c b/src/interfaces/libpq/fe-misc.c index a8af4d893ab..15b6dcb1e53 100644 --- a/src/interfaces/libpq/fe-misc.c +++ b/src/interfaces/libpq/fe-misc.c @@ -25,7 +25,7 @@ * * * IDENTIFICATION - * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.72 2002/06/14 04:09:37 momjian Exp $ + * $Header: /cvsroot/pgsql/src/interfaces/libpq/fe-misc.c,v 1.73 2002/06/14 04:23:17 momjian Exp $ * *------------------------------------------------------------------------- */ @@ -55,6 +55,9 @@ #include "mb/pg_wchar.h" #endif +extern void secure_close(PGconn *); +extern ssize_t secure_read(PGconn *, void *, size_t); +extern ssize_t secure_write(PGconn *, const void *, size_t); #define DONOTICE(conn,message) \ ((*(conn)->noticeHook) ((conn)->noticeArg, (message))) @@ -477,14 +480,8 @@ pqReadData(PGconn *conn) /* OK, try to read some data */ retry3: -#ifdef USE_SSL - if (conn->ssl) - nread = SSL_read(conn->ssl, conn->inBuffer + conn->inEnd, - conn->inBufSize - conn->inEnd); - else -#endif - nread = recv(conn->sock, conn->inBuffer + conn->inEnd, - conn->inBufSize - conn->inEnd, 0); + nread = secure_read(conn, conn->inBuffer + conn->inEnd, + conn->inBufSize - conn->inEnd); if (nread < 0) { if (SOCK_ERRNO == EINTR) @@ -563,14 +560,8 @@ retry3: * arrived. */ retry4: -#ifdef USE_SSL - if (conn->ssl) - nread = SSL_read(conn->ssl, conn->inBuffer + conn->inEnd, - conn->inBufSize - conn->inEnd); - else -#endif - nread = recv(conn->sock, conn->inBuffer + conn->inEnd, - conn->inBufSize - conn->inEnd, 0); + nread = secure_read(conn, conn->inBuffer + conn->inEnd, + conn->inBufSize - conn->inEnd); if (nread < 0) { if (SOCK_ERRNO == EINTR) @@ -611,6 +602,7 @@ definitelyFailed: "\tThis probably means the server terminated abnormally\n" "\tbefore or while processing the request.\n")); conn->status = CONNECTION_BAD; /* No more connection to backend */ + secure_close(conn); #ifdef WIN32 closesocket(conn->sock); #else @@ -650,23 +642,9 @@ pqSendSome(PGconn *conn) /* while there's still data to send */ while (len > 0) { - /* Prevent being SIGPIPEd if backend has closed the connection. */ -#ifndef WIN32 - pqsigfunc oldsighandler = pqsignal(SIGPIPE, SIG_IGN); -#endif - int sent; -#ifdef USE_SSL - if (conn->ssl) - sent = SSL_write(conn->ssl, ptr, len); - else -#endif - sent = send(conn->sock, ptr, len, 0); - -#ifndef WIN32 - pqsignal(SIGPIPE, oldsighandler); -#endif + sent = secure_write(conn, ptr, len); if (sent < 0) { -- cgit v1.2.3