From bf0c8974bbb8ae31c1379b99e4cfc17cf357599c Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Fri, 12 Apr 2024 12:44:24 +0200 Subject: [PATCH v9 3/5] Support disallowing SSL renegotiation in LibreSSL LibreSSL doesn't support the SSL_OP_NO_RENEGOTIATION macro which is used by OpenSSL, instead it has invented a similar one for client- side renegotiation: SSL_OP_NO_CLIENT_RENEGOTIATION. This has been supported since LibreSSL 2.5.1 which by now can be considered well below the minimum requirement. Discussion: https://postgr.es/m/eac70d46-e61c-4d71-a1e1-78e2bfa19485@eisentraut.org --- src/backend/libpq/be-secure-openssl.c | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c index 88153d4bda..efd49ffca8 100644 --- a/src/backend/libpq/be-secure-openssl.c +++ b/src/backend/libpq/be-secure-openssl.c @@ -262,15 +262,20 @@ be_tls_init(bool isServerStart) /* disallow SSL compression */ SSL_CTX_set_options(context, SSL_OP_NO_COMPRESSION); -#ifdef SSL_OP_NO_RENEGOTIATION - /* - * Disallow SSL renegotiation, option available since 1.1.0h. This - * concerns only TLSv1.2 and older protocol versions, as TLSv1.3 has no - * support for renegotiation. + * Disallow SSL renegotiation. This concerns only TLSv1.2 and older + * protocol versions, as TLSv1.3 has no support for renegotiation. + * SSL_OP_NO_RENEGOTIATION is available in OpenSSL since 1.1.0h (via a + * backport from 1.1.1). SSL_OP_NO_CLIENT_RENEGOTIATION is available in + * LibreSSL since 2.5.1 disallowing all client-initiated renegotiation + * (this is usually on by default). */ +#ifdef SSL_OP_NO_RENEGOTIATION SSL_CTX_set_options(context, SSL_OP_NO_RENEGOTIATION); #endif +#ifdef SSL_OP_NO_CLIENT_RENEGOTIATION + SSL_CTX_set_options(context, SSL_OP_NO_CLIENT_RENEGOTIATION); +#endif /* set up ephemeral DH and ECDH keys */ if (!initialize_dh(context, isServerStart)) -- 2.39.3 (Apple Git-146)