| Lists: | pgsql-patches |
|---|
| From: | Sean Chittenden <sean(at)chittenden(dot)org> |
|---|---|
| To: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Slightly improved SSL bits... |
| Date: | 2003-04-19 19:08:21 |
| Message-ID: | 20030419190821.GQ79923@perrin.int.nxad.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-patches |
Well, the discussion about SSL a bit back perked my interest and I did
some reading on the subject.
1) PostgreSQL uses ephemeral keying, for its connections (good thing)
2) PostgreSQL doesn't set the cipher list that it allows (bad thing,
fixed)
3) PostgreSQL's renegotiation code wasn't text book correct (could be
bad, fixed)
4) The rate of renegotiating was insanely low (as Tom pointed out, set
to a more reasonable level)
I haven't checked around much to see if there are any other SSL bits
that need some review, but I'm doing some OpenSSL work right now
and'll send patches for improvements along the way (if I find them).
At the very least, the changes in this patch will make security folks
happier for sure. The constant renegotiation of sessions was likely a
boon to systems that had bad entropy gathering means (read: Slowaris
/dev/rand|/dev/urand != ANDIrand). The new limit for renegotiations
is 512MB which should be much more reasonable.
-sc
--
Sean Chittenden
| Attachment | Content-Type | Size |
|---|---|---|
| patch | text/plain | 1.6 KB |
| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Sean Chittenden <sean(at)chittenden(dot)org> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Slightly improved SSL bits... |
| Date: | 2003-05-31 02:20:12 |
| Message-ID: | 200305310220.h4V2KCj11245@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-patches |
Your patch has been added to the PostgreSQL unapplied patches list at:
http://momjian.postgresql.org/cgi-bin/pgpatches
I will try to apply it within the next 48 hours.
---------------------------------------------------------------------------
Sean Chittenden wrote:
> Well, the discussion about SSL a bit back perked my interest and I did
> some reading on the subject.
>
> 1) PostgreSQL uses ephemeral keying, for its connections (good thing)
>
> 2) PostgreSQL doesn't set the cipher list that it allows (bad thing,
> fixed)
>
> 3) PostgreSQL's renegotiation code wasn't text book correct (could be
> bad, fixed)
>
> 4) The rate of renegotiating was insanely low (as Tom pointed out, set
> to a more reasonable level)
>
> I haven't checked around much to see if there are any other SSL bits
> that need some review, but I'm doing some OpenSSL work right now
> and'll send patches for improvements along the way (if I find them).
> At the very least, the changes in this patch will make security folks
> happier for sure. The constant renegotiation of sessions was likely a
> boon to systems that had bad entropy gathering means (read: Slowaris
> /dev/rand|/dev/urand != ANDIrand). The new limit for renegotiations
> is 512MB which should be much more reasonable.
>
> -sc
>
> --
> Sean Chittenden
[ Attachment, skipping... ]
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Sean Chittenden <sean(at)chittenden(dot)org> |
| Cc: | pgsql-patches(at)postgresql(dot)org |
| Subject: | Re: Slightly improved SSL bits... |
| Date: | 2003-06-11 15:06:01 |
| Message-ID: | 200306111506.h5BF61A23753@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Lists: | pgsql-patches |
Patch applied. Thanks.
---------------------------------------------------------------------------
Sean Chittenden wrote:
> Well, the discussion about SSL a bit back perked my interest and I did
> some reading on the subject.
>
> 1) PostgreSQL uses ephemeral keying, for its connections (good thing)
>
> 2) PostgreSQL doesn't set the cipher list that it allows (bad thing,
> fixed)
>
> 3) PostgreSQL's renegotiation code wasn't text book correct (could be
> bad, fixed)
>
> 4) The rate of renegotiating was insanely low (as Tom pointed out, set
> to a more reasonable level)
>
> I haven't checked around much to see if there are any other SSL bits
> that need some review, but I'm doing some OpenSSL work right now
> and'll send patches for improvements along the way (if I find them).
> At the very least, the changes in this patch will make security folks
> happier for sure. The constant renegotiation of sessions was likely a
> boon to systems that had bad entropy gathering means (read: Slowaris
> /dev/rand|/dev/urand != ANDIrand). The new limit for renegotiations
> is 512MB which should be much more reasonable.
>
> -sc
>
> --
> Sean Chittenden
[ Attachment, skipping... ]
>
> ---------------------------(end of broadcast)---------------------------
> TIP 4: Don't 'kill -9' the postmaster
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073