Re: Question regarding SSL code in backend and frontend

On Thu, Apr 5, 2012 at 08:00, Tatsuo Ishii <ishii(at)postgresql(dot)org> wrote:
>>> Those code fragment judges the return value from
>>> SSL_read(). secure_read() does retrying when SSL_ERROR_WANT_READ *and*
>>> SSL_ERROR_WANT_WRITE returned. However, pqsecure_read() does not retry
>>> when SSL_ERROR_WANT_READ. It seems they are not consistent. Comments?
>>
>> There's no particular reason why they should be consistent, I think.
>> The assumptions for nonblocking operation are different.
>
> Ok. Thanks.
>
> BTW, usage of SSL_CTX_new() is different among frontend and backend as
> well.
>
> fe-secure.c:            SSL_context = SSL_CTX_new(TLSv1_method());
> be-secure.c:            SSL_context = SSL_CTX_new(SSLv23_method());
>
> In my understanding by using SSLV23_method, it is compatible with
> SSLv2, SSLv3, and TLSv1 protocol. So it seems there's no particular
> reason to use TLSv1_method(). Am I missing something?

The reason is that TLS is more secure, I believe. It was changed in
commit 750a0e676e1f8f71bf1c6aba05d3264a7c57218b for backwards
compatibility.

If anything, we should be changing it to TLSv1 in both client and
server, since every client out there now should be using that anyway,
given that the client has been specifying it for a long time.

Unless I am also missing something? :-)

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/