I wrote:
> I had an OpenBSD 6.8 image laying about, so I tried the ssl test
> there, and it falls over in even more places:
> ...
> A lot of the errors look like they didn't yet have support for
> TLS 1.2; this is typical:
On further investigation, that's nonsense, because the postmaster logs
show that most if not all of the connections that are succeeding are
TLSv1.3, eg
2022-02-02 21:31:07.492 EST [96067] [unknown] LOG: 00000: connection authorized: user=ssltestuser database=trustdb
application_name=001_ssltests.plSSL enabled (protocol=TLSv1.3, cipher=AEAD-AES256-GCM-SHA384, bits=256)
However, PG believes that the library only supports up to 1.2,
because TLS1_3_VERSION isn't defined. I found this in
/usr/include/openssl/tls1.h:
#if defined(LIBRESSL_HAS_TLS1_3) || defined(LIBRESSL_INTERNAL)
#define TLS1_3_VERSION 0x0304
#endif
LIBRESSL_HAS_TLS1_3 is not defined anywhere; in
/usr/include/openssl/opensslfeatures.h I find
/*
* Feature flags for LibreSSL... so you can actually tell when things
* are enabled, rather than not being able to tell when things are
* enabled (or possibly not yet not implemented, or removed!).
*/
/* #define LIBRESSL_HAS_TLS1_3 */
which is about the best example I've seen lately of crappy code
falsifying the adjacent comment.
I added
#define LIBRESSL_HAS_TLS1_3 1
to pg_config.h to see what would happen. It seems that about
the same number of tests fall over, but now the errors are
(mostly) not about TLS version. Some look like they might
just be mismatched expectations of exactly what error will
be issued:
# Failed test 'connect with wrong server root cert sslmode=require: matches'
# at t/001_ssltests.pl line 170.
# 'psql: error: connection to server at "127.0.0.1", port 62542 failed: SSL error: tlsv1 alert
unknownca'
# doesn't match '(?^:SSL error: certificate verify failed)'
I get the impression though that there's still some mismatch
about how to establish which CAs are trusted, and there are
still a few "tlsv1 alert protocol version" errors with no
obvious reason.
I thought for awhile that the library might be forcing a minimum
TLS version of 1.3 (despite the headers not even claiming to
support it at all), because that would fit right in with OpenBSD's
securer-than-thou ethos. I still suspect that something like that
might be going on, but I don't have hard evidence.
regards, tom lane