diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 38ebe2a24a..cca5e79f9e 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
 *
 *
 * IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.33 2003/05/27 17:49:46 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.34 2003/06/11 15:05:50 momjian Exp $
 *
 * Since the server static private key ($DataDir/server.key)
 * will normally be stored unencrypted so that the database
@@ -124,7 +124,7 @@ static const char *SSLerrmessage(void);
 * How much data can be sent across a secure connection
 * (total in both directions) before we require renegotiation.
 */
-#define RENEGOTIATION_LIMIT (64 * 1024)
+#define RENEGOTIATION_LIMIT (512 * 1024 * 1024)
 #define CA_PATH NULL
 static SSL_CTX *SSL_context = NULL;
 #endif
@@ -320,8 +320,11 @@ secure_write(Port *port, void *ptr, size_t len)
 elog(COMMERROR, "SSL renegotiation failure");
 if (SSL_do_handshake(port->ssl) <= 0)
 elog(COMMERROR, "SSL renegotiation failure");
- port->ssl->state = SSL_ST_ACCEPT;
- if (SSL_do_handshake(port->ssl) <= 0)
+ if (port->ssl->state != SSL_ST_OK)
+ elog(COMMERROR, "SSL failed to send renegotiation request");
+ port->ssl->state |= SSL_ST_ACCEPT;
+ SSL_do_handshake(port->ssl);
+ if (port->ssl->state != SSL_ST_OK)
 elog(COMMERROR, "SSL renegotiation failure");
 port->count = 0;
 }
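Review bot: The comment above `RENEGOTIATION_LIMIT` (hunk at line 124) still says only what the limit is, not why it is now 512 MB. Raising it from 64 kB makes rekeying 8192 times less frequent, and a later reader has nothing to weigh that against. I would add a line to the comment giving the reason the 64 kB value was dropped and the trade-off accepted, in the form `* 512 MB: <reason for the new value>`. The value fits in a 32-bit int, but `port->count` is declared outside this hunk, so its type should be checked against the new limit.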
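Review bot: In the `secure_write` hunk the return value of the second `SSL_do_handshake(port->ssl)` is now discarded, and `port->count = 0;` still runs on every path. A renegotiation that failed is therefore only logged, and the byte counter restarts as if the session had been rekeyed. If `elog(COMMERROR, ...)` returns to the caller (its definition is not on this page), the first new check also falls through to `port->ssl->state |= SSL_ST_ACCEPT;` after a failed request. I would keep the return check, `if (SSL_do_handshake(port->ssl) <= 0 || port->ssl->state != SSL_ST_OK)`, and have the failure branches stop the write rather than continue to the counter reset. The body of `secure_write` continues outside the hunk, so the appropriate error return has to be taken from the rest of the function.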
@@ -639,6 +642,13 @@ initialize_SSL(void) SSL_CTX_set_tmp_dh_callback(SSL_context, tmp_dh_cb); SSL_CTX_set_options(SSL_context, SSL_OP_SINGLE_DH_USE | SSL_OP_NO_SSLv2); + /* setup the allowed cipher list */ + if (SSL_CTX_set_cipher_list(SSL_context, "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGH") != 1) + { + postmaster_error("unable to set the cipher list (no valid ciphers available)"); + ExitPostmaster(1); + } + /* accept client certificates, but don't require them. */ snprintf(fnbuf, sizeof fnbuf, "%s/root.crt", DataDir); if (!SSL_CTX_load_verify_locations(SSL_context, fnbuf, CA_PATH))
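Review bot: The cipher string passed to `SSL_CTX_set_cipher_list` ends in `@STRENGH`, which is not an OpenSSL keyword; the sort directive is spelled `@STRENGTH`. Depending on the OpenSSL version, the unknown directive is likely either skipped, leaving the list unsorted by strength, or rejected. If it is rejected, the postmaster exits at startup with a message that blames missing ciphers rather than a malformed string. The argument should read `"ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"`, and the error text could say that the cipher string was rejected. `initialize_SSL` starts and ends outside the hunk.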