Thread: patch for SSL cleanup, client certificates

patch for SSL cleanup, client certificates

From

Bear Giles

Date:

20 May 2002, 22:31:10

Attached is a patch that includes some SSL cleanup and adds support for
client certificates.  The visible changes are:

1) postmaster logs anonymous SSL connections:

     DEBUG: SSL connection from (anonymous) with cipher EDH-RSA-DES-CBC3-SHA

2) postmaster logs SSL connections with client certificates:

     DEBUG: SSL connection from Bear Giles with cipher EDH-RSA-DES-CBC3-SHA

   (The postmaster will also log any errors in the certificate.)

3) libpq recognizes two new environment variables/configuration file
   options

     PQCLIENTCERT:  pathname of client certificate
     PQCLIENTKEY:   pathname of client key

   At the current time, only unencrypted keys are supported.
   There is a prototype callback that prompts the user for an
   encryption passphrase, but it's not yet activated.

   For security reasons, the key file must be a regular file
   that is not world- or group-accessible.  It should also be
   owned by the server or user, but this is not yet checked.

The client cert, if provided, is available at 'port->peer', but
this value is not yet used to map a client cert into a PostgreSQL
user.


The patch also provides some cleanup of the SSL calls:

1) proper error checking for SSL_read() and SSL_write().
   (You need to call SSL_get_error(), not just check the system
   errno.)

2) proper shutdown of the SSL connection, at least on the client
   side.  Simply closing the socket is a sadly common error.
   (SSL_shutdown()).

3) Empheral DH keys have been added, with fallbacks provided from
   the OpenSSL source code.

4) keys must be regular files and not world- or group-accessible.
   They should also be owned by the postmaster or client, but I
   haven't added that test yet.

   Unfortunately the error messages if the permissions tests fail
   are cryptic at best.  This definitely needs improvement!

Some serious work remains:

1) we should move towards TLSv1 instead of SSLv3 or SSLv2.
   But this may have unforeseen consequences so we should make
   sure everything else is working well first.

2) we need to provide a way to specify a good entropy source,
   if one is available.

3) we need to provide a trigger to renegotiate the session key.
   (E.g., renegotiate the session key after N hours or X megabytes
   of data.)

4) certificates should be better validated.

5) backend/libpq/hba.c needs to be extended to support mapping
   from client cert to database identity.

Bear

Attachment

diff

Re: patch for SSL cleanup, client certificates

From

Bruce Momjian

Date:

11 June 2002, 21:35:02

I assume this was all rolled into the later SSL patches, 1-9, right?


---------------------------------------------------------------------------

Bear Giles wrote:
> Attached is a patch that includes some SSL cleanup and adds support for
> client certificates.  The visible changes are:
>
> 1) postmaster logs anonymous SSL connections:
>
>      DEBUG: SSL connection from (anonymous) with cipher EDH-RSA-DES-CBC3-SHA
>
> 2) postmaster logs SSL connections with client certificates:
>
>      DEBUG: SSL connection from Bear Giles with cipher EDH-RSA-DES-CBC3-SHA
>
>    (The postmaster will also log any errors in the certificate.)
>
> 3) libpq recognizes two new environment variables/configuration file
>    options
>
>      PQCLIENTCERT:  pathname of client certificate
>      PQCLIENTKEY:   pathname of client key
>
>    At the current time, only unencrypted keys are supported.
>    There is a prototype callback that prompts the user for an
>    encryption passphrase, but it's not yet activated.
>
>    For security reasons, the key file must be a regular file
>    that is not world- or group-accessible.  It should also be
>    owned by the server or user, but this is not yet checked.
>
> The client cert, if provided, is available at 'port->peer', but
> this value is not yet used to map a client cert into a PostgreSQL
> user.
>
>
> The patch also provides some cleanup of the SSL calls:
>
> 1) proper error checking for SSL_read() and SSL_write().
>    (You need to call SSL_get_error(), not just check the system
>    errno.)
>
> 2) proper shutdown of the SSL connection, at least on the client
>    side.  Simply closing the socket is a sadly common error.
>    (SSL_shutdown()).
>
> 3) Empheral DH keys have been added, with fallbacks provided from
>    the OpenSSL source code.
>
> 4) keys must be regular files and not world- or group-accessible.
>    They should also be owned by the postmaster or client, but I
>    haven't added that test yet.
>
>    Unfortunately the error messages if the permissions tests fail
>    are cryptic at best.  This definitely needs improvement!
>
> Some serious work remains:
>
> 1) we should move towards TLSv1 instead of SSLv3 or SSLv2.
>    But this may have unforeseen consequences so we should make
>    sure everything else is working well first.
>
> 2) we need to provide a way to specify a good entropy source,
>    if one is available.
>
> 3) we need to provide a trigger to renegotiate the session key.
>    (E.g., renegotiate the session key after N hours or X megabytes
>    of data.)
>
> 4) certificates should be better validated.
>
> 5) backend/libpq/hba.c needs to be extended to support mapping
>    from client cert to database identity.
>
> Bear

Content-Description: /tmp/diff

[ Attachment, skipping... ]

>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: Have you searched our list archives?
>
> http://archives.postgresql.org

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026