From 326e1d73c476a0b5061ef00134bdf57aed70d5e7 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 31 Jan 2014 17:51:07 -0500 Subject: [PATCH] Disallow use of SSL v3 protocol in the server as well as in libpq. Commit 820f08cabdcbb8998050c3d4873e9619d6d8cba4 claimed to make the server and libpq handle SSL protocol versions identically, but actually the server was still accepting SSL v3 protocol while libpq wasn't. Per discussion, SSL v3 is obsolete, and there's no good reason to continue to accept it. So make the code really equivalent on both sides. The behavior now is that we use the highest mutually-supported TLS protocol version. Marko Kreen, some comment-smithing by me --- src/backend/libpq/be-secure.c | 13 +++++++++++-- src/interfaces/libpq/fe-secure.c | 6 ++++-- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c index a04701e555..71f9747300 100644 --- a/src/backend/libpq/be-secure.c +++ b/src/backend/libpq/be-secure.c @@ -822,6 +822,13 @@ initialize_SSL(void) #endif SSL_library_init(); SSL_load_error_strings(); + + /* + * We use SSLv23_method() because it can negotiate use of the highest + * mutually supported protocol version, while alternatives like + * TLSv1_2_method() permit only one specific version. Note that we + * don't actually allow SSL v2 or v3, only TLS protocols (see below). + */ SSL_context = SSL_CTX_new(SSLv23_method()); if (!SSL_context) ereport(FATAL, @@ -880,9 +887,11 @@ initialize_SSL(void) SSLerrmessage()))); } - /* set up ephemeral DH keys, and disallow SSL v2 while at it */ + /* set up ephemeral DH keys, and disallow SSL v2/v3 while at it */ SSL_CTX_set_tmp_dh_callback(SSL_context, tmp_dh_cb); - SSL_CTX_set_options(SSL_context, SSL_OP_SINGLE_DH_USE | SSL_OP_NO_SSLv2); + SSL_CTX_set_options(SSL_context, + SSL_OP_SINGLE_DH_USE | + SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); /* set up ephemeral ECDH keys */ initialize_ecdh(); diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 7e7a4f9ff1..d8ac40c784 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -967,8 +967,10 @@ init_ssl_system(PGconn *conn) } /* - * Only SSLv23_method() negotiates higher protocol versions; - * alternatives like TLSv1_2_method() permit one specific version. + * We use SSLv23_method() because it can negotiate use of the highest + * mutually supported protocol version, while alternatives like + * TLSv1_2_method() permit only one specific version. Note that we + * don't actually allow SSL v2 or v3, only TLS protocols (see below). */ SSL_context = SSL_CTX_new(SSLv23_method()); if (!SSL_context) -- 2.40.0