Am Dienstag, 21. September 2004 09:24 schrieb Dominic Mitchell:
> I am also unsure of the
> procedures for submitting patches; is it ok to just send to hackers?
> In initialize_SSL(), we call SSL_CTX_set_verify(), but we don't pass
> in the SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag. This means that a client
> can present no certificate and still get access to the server.
Client-side certificates as an authentication mechanism are not intended to be
supported. It might be a nice feature to add, though.
> There's nothing that gets logged to say that an SSL connection was
> made. This would be useful for testing. Something like logging the
> connection as "188.8.131.52/ssl"?
That seems reasonable.
> In initialize_SSL(), we call SSL_CTX_set_verify_depth(SSL_context, 1).
> This should probably be a configurable item. I /think/ it might be
> stopping me from successfully verifying the server certificate is
> signed by the CA listed in my client's root.crt file, but I'm not
I think verification of the server certificates is not supported either. SSL
only serves for encryption, not authentication or integrity checking (which
is probably a stupid idea).
> In open_client_SSL() again, the call to verify that the CN of the
> certificate is the same as the hostname you've connected to is
> commented out. So you have no idea whether or not you've connected to
> the right server.
This seems to match the pattern I described above.
In response to
- SSL Support at 2004-09-21 07:24:52 from Dominic Mitchell
pgsql-hackers by date
|Next:||From: Kaare Rasmussen||Date: 2004-09-21 08:44:22|
|Subject: Re: SSL Support|
|Previous:||From: Dominic Mitchell||Date: 2004-09-21 07:24:52|
|Subject: SSL Support|