granicus.if.org Git - postgresql/commit

Always use 2048 bit DH parameters for OpenSSL ephemeral DH ciphers.

1024 bits is considered weak these days, but OpenSSL always passes 1024 as
the key length to the tmp_dh callback. All the code to handle other key
lengths is, in fact, dead.

To remedy those issues:

* Only include hard-coded 2048-bit parameters.
* Set the parameters directly with SSL_CTX_set_tmp_dh(), without the
  callback
* The name of the file containing the DH parameters is now a GUC. This
  replaces the old hardcoded "dh1024.pem" filename. (The files for other
  key lengths, dh512.pem, dh2048.pem, etc. were never actually used.)

This is not a new problem, but it doesn't seem worth the risk and churn to
backport. If you care enough about the strength of the DH parameters on
old versions, you can create custom DH parameters, with as many bits as you
wish, and put them in the "dh1024.pem" file.

Per report by Nicolas Guini and Damian Quiroga. Reviewed by Michael Paquier.

Discussion: https://www.postgresql.org/message-id/CAMxBoUyjOOautVozN6ofzym828aNrDjuCcOTcCquxjwS-L2hGQ@mail.gmail.com

author	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Mon, 31 Jul 2017 19:36:09 +0000 (22:36 +0300)
committer	Heikki Linnakangas <heikki.linnakangas@iki.fi>
	Mon, 31 Jul 2017 19:36:09 +0000 (22:36 +0300)
commit	c0a15e07cd718cb6e455e68328f522ac076a0e4b
tree	eb6733f3b267e407cd6fdc352011c0bb8229bf78	tree \| snapshot
parent	dea6ba939fd2b70dd444349d52585a0694578571	commit \| diff

doc/src/sgml/config.sgml		diff \| blob \| history
src/backend/libpq/be-secure-openssl.c		diff \| blob \| history
src/backend/libpq/be-secure.c		diff \| blob \| history
src/backend/utils/misc/guc.c		diff \| blob \| history
src/backend/utils/misc/postgresql.conf.sample		diff \| blob \| history
src/include/libpq/libpq.h		diff \| blob \| history