postgres

History

Tom Lane fb464a1ae3 Avoid masking EOF (no-password-supplied) conditions in auth.c. CheckPWChallengeAuth() would return STATUS_ERROR if the user does not exist or has no password assigned, even if the client disconnected without responding to the password challenge (as libpq often will, for example). We should return STATUS_EOF in that case, and the lower-level functions do, but this code level got it wrong since the refactoring done in `7ac955b34`. This breaks the intent of not logging anything for EOF cases (cf. comments in auth_failed()) and might also confuse users of ClientAuthentication_hook. Per report from Liu Lang. Back-patch to all supported versions. Discussion: https://postgr.es/m/b725238c-539d-cb09-2bff-b5e6cb2c069c@esgyn.cn		2 years ago
..
Makefile	Refactor SASL code with a generic interface for its mechanisms	4 years ago
README.SSL	Move EDH support to common files	8 years ago
auth-sasl.c	Update copyright for 2023	3 years ago
auth-scram.c	Make SCRAM iteration count configurable	3 years ago
auth.c	Avoid masking EOF (no-password-supplied) conditions in auth.c.	2 years ago
be-fsstubs.c	Fix bugs in manipulation of large objects.	2 years ago
be-gssapi-common.c	De-Revert "Add support for Kerberos credential delegation"	2 years ago
be-secure-common.c	Common function for percent placeholder replacement	3 years ago
be-secure-gssapi.c	Fix timing-dependent failure in GSSAPI data transmission.	2 years ago
be-secure-openssl.c	Be more wary about OpenSSL not setting errno on error.	2 years ago
be-secure.c	Update copyright for 2023	3 years ago
crypt.c	Update copyright for 2023	3 years ago
hba.c	Eliminate fixed token-length limit in hba.c.	2 years ago
ifaddr.c	Update copyright for 2023	3 years ago
meson.build	Update copyright for 2023	3 years ago
pg_hba.conf.sample	Add description for new patterns supported in HBA and ident sample files	3 years ago
pg_ident.conf.sample	Add description for new patterns supported in HBA and ident sample files	3 years ago
pqcomm.c	Be more wary about OpenSSL not setting errno on error.	2 years ago
pqformat.c	Change argument type of pq_sendbytes from char * to void *	3 years ago
pqmq.c	Perform apply of large transactions by parallel workers.	3 years ago
pqsignal.c	Use WaitEventSet API for postmaster's event loop.	3 years ago

README.SSL

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------

Ephemeral DH
============

Since the server static private key ($DataDir/server.key) will
normally be stored unencrypted so that the database backend can
restart automatically, it is important that we select an algorithm
that continues to provide confidentiality even if the attacker has the
server's private key.  Ephemeral DH (EDH) keys provide this and more
(Perfect Forward Secrecy aka PFS).

N.B., the static private key should still be protected to the largest
extent possible, to minimize the risk of impersonations.

Another benefit of EDH is that it allows the backend and clients to
use DSA keys.  DSA keys can only provide digital signatures, not
encryption, and are often acceptable in jurisdictions where RSA keys
are unacceptable.

The downside to EDH is that it makes it impossible to use ssldump(1)
if there's a problem establishing an SSL session.  In this case you'll
need to temporarily disable EDH (see initialize_dh()).