From 44e27f0a6d07d194ee43e9e4095db75c0525112f Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Wed, 24 Apr 2024 10:54:42 +0200 Subject: [PATCH] Support disallowing SSL renegotiation when using LibreSSL LibreSSL doesn't support the SSL_OP_NO_RENEGOTIATION macro which is used by OpenSSL, instead it has invented a similar one for client- side renegotiation: SSL_OP_NO_CLIENT_RENEGOTIATION. This has been supported since LibreSSL 2.5.1 which by now can be considered well below the minimum requirement. Reviewed-by: Peter Eisentraut Reviewed-by: Michael Paquier Discussion: https://postgr.es/m/eac70d46-e61c-4d71-a1e1-78e2bfa19485@eisentraut.org
---
 src/backend/libpq/be-secure-openssl.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 29c9af1aab..55b2cad745 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -267,15 +267,20 @@ be_tls_init(bool isServerStart)
 /* disallow SSL compression */
 SSL_CTX_set_options(context, SSL_OP_NO_COMPRESSION);
 
-#ifdef SSL_OP_NO_RENEGOTIATION
-
 /*
- * Disallow SSL renegotiation, option available since 1.1.0h. This
- * concerns only TLSv1.2 and older protocol versions, as TLSv1.3 has no
- * support for renegotiation.
+ * Disallow SSL renegotiation. This concerns only TLSv1.2 and older
+ * protocol versions, as TLSv1.3 has no support for renegotiation.
+ * SSL_OP_NO_RENEGOTIATION is available in OpenSSL since 1.1.0h (via a
+ * backport from 1.1.1). SSL_OP_NO_CLIENT_RENEGOTIATION is available in
+ * LibreSSL since 2.5.1 disallowing all client-initiated renegotiation
+ * (this is usually on by default).
 */
+#ifdef SSL_OP_NO_RENEGOTIATION
 SSL_CTX_set_options(context, SSL_OP_NO_RENEGOTIATION);
 #endif
+#ifdef SSL_OP_NO_CLIENT_RENEGOTIATION
+ SSL_CTX_set_options(context, SSL_OP_NO_CLIENT_RENEGOTIATION);
+#endif
 
 /* set up ephemeral DH and ECDH keys */
 if (!initialize_dh(context, isServerStart))
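Review bot: When a build defines neither SSL_OP_NO_RENEGOTIATION nor SSL_OP_NO_CLIENT_RENEGOTIATION, the two `#ifdef` blocks at the end of the hunk both compile to nothing and TLSv1.2-and-older renegotiation stays enabled with nothing in the code recording that outcome; a trailing comment such as `/* Neither option defined: this library cannot disable renegotiation, TLSv1.2 and older remain renegotiable */` (or an `#else` carrying it) would make the silent fallback visible to the next reader, and whether such a library can still satisfy the build's minimum requirement I cannot tell from this hunk. Separately, the new comment's closing parenthetical `(this is usually on by default)` is ambiguous about whether it is the LibreSSL option bit or the blocking of renegotiation that is on by default, so naming the subject explicitly, e.g. `(LibreSSL usually has this option set by default; the call makes it explicit)` if that is what is meant, would remove the guesswork. The enclosing function be_tls_init starts and ends outside the hunk.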