upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-03-11 10:45:17 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src
History
Michael Paquier 3f8072be8a Disallow SSL renegotiation 
SSL renegotiation is already disabled as of 48d23c72, however this does
not prevent the server to comply with a client willing to use
renegotiation.  In the last couple of years, renegotiation had its set
of security issues and flaws (like the recent CVE-2021-3449), and it
could be possible to crash the backend with a client attempting
renegotiation.

This commit takes one extra step by disabling renegotiation in the
backend in the same way as SSL compression (f9264d15) or tickets
(97d3a0b0).  OpenSSL 1.1.0h has added an option named
SSL_OP_NO_RENEGOTIATION able to achieve that.  In older versions
there is an option called SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS that
was undocumented, and could be set within the SSL object created when
the TLS connection opens, but I have decided not to use it, as it feels
trickier to rely on, and it is not official.  Note that this option is
not usable in OpenSSL < 1.1.0h as the internal contents of the *SSL
object are hidden to applications.

SSL renegotiation concerns protocols up to TLSv1.2.

Per original report from Robert Haas, with a patch based on a suggestion
by Andres Freund.

Author: Michael Paquier
Reviewed-by: Daniel Gustafsson
Discussion: https://postgr.es/m/YKZBXx7RhU74FlTE@paquier.xyz
Backpatch-through: 9.6
2021-05-25 10:11:17 +09:00
..
backend Disallow SSL renegotiation 2021-05-25 10:11:17 +09:00
bin Clean up cpluspluscheck violation. 2021-05-20 13:03:09 -04:00
common Fix command-line colorization on Windows with VT100-compatible environments 2020-03-02 15:46:24 +09:00
fe_utils Fix parallel restore of FKs to partitioned tables 2019-10-17 09:58:01 +02:00
include Restore the portal-level snapshot after procedure COMMIT/ROLLBACK. 2021-05-21 14:03:53 -04:00
interfaces Stamp 12.7. 2021-05-10 16:43:52 -04:00
makefiles Select CFLAGS_SL at configure time, not in platform-specific Makefiles. 2019-10-21 12:32:35 -04:00
pl Restore the portal-level snapshot after procedure COMMIT/ROLLBACK. 2021-05-21 14:03:53 -04:00
port Stamp 12.7. 2021-05-10 16:43:52 -04:00
template Further tweaking of PG_SYSROOT heuristics for macOS. 2021-01-20 12:07:35 -05:00
test Disallow whole-row variables in GENERATED expressions. 2021-05-21 15:12:37 -04:00
timezone Update time zone data files to tzdata release 2021a. 2021-01-24 16:29:47 -05:00
tools backpatch "jit: Add support for LLVM 12." 2020-12-07 18:39:32 -08:00
tutorial tutorial: land height is "elevation", not "altitude" 2021-03-10 20:25:18 -05:00
.gitignore Convert cvsignore to gitignore, and add .gitignore for build targets. 2010-09-22 12:57:04 +02:00
DEVELOPERS Replace a couple of references to files that no longer exist in the source 2009-05-04 08:08:47 +00:00
Makefile Fix partial-build problems introduced by having more generated headers. 2018-04-09 16:42:10 -04:00
Makefile.global.in Select CFLAGS_SL at configure time, not in platform-specific Makefiles. 2019-10-21 12:32:35 -04:00
Makefile.shlib Ensure static libraries have correct mod time even if ranlib messes it up. 2018-11-29 15:53:44 -05:00
nls-global.mk NLS: Fix backend gettext triggers 2019-09-23 09:05:50 +02:00