Index: postgresql/src/backend/postmaster/be-secure.c
diff -c postgresql/src/backend/postmaster/be-secure.c:1.6 postgresql/src/backend/postmaster/be-secure.c:1.7
*** postgresql/src/backend/postmaster/be-secure.c:1.6 Sat May 25 00:18:48 2002
--- postgresql/src/backend/postmaster/be-secure.c Sat May 25 00:33:05 2002
***************
*** 11,17 ****
  *
  *
  * IDENTIFICATION
! * $Header: /usr/local/cvsroot/postgresql/src/backend/postmaster/be-secure.c,v 1.6 2002/05/25 06:18:48 bear Exp $
  *
  * NOTES
  *
--- 11,17 ----
  *
  *
  * IDENTIFICATION
! * $Header: /usr/local/cvsroot/postgresql/src/backend/postmaster/be-secure.c,v 1.7 2002/05/25 06:33:05 bear Exp $
  *
  * NOTES
  *
***************
*** 53,58 ****
--- 53,64 ----
  * session. In this case you'll need to temporarily disable
  * EDH by commenting out the callback.
  *
+ * ...
+ *
+ * Because the risk of cryptanalysis increases as large
+ * amounts of data are sent with the same session key, the
+ * session keys are periodically renegotiated.
+ *
  * PATCH LEVEL
  * milestone 1: fix basic coding errors
  * [*] existing SSL code pulled out of existing files.
***************
*** 66,72 ****
  * milestone 3: improve confidentially, support perfect forward secrecy
  * [*] use 'random' file, read from '/dev/urandom?'
  * [*] emphermal DH keys, default values
! * [ ] periodic renegotiation
  * [ ] private key permissions
  *
  * milestone 4: provide endpoint authentication (client)
--- 72,78 ----
  * milestone 3: improve confidentially, support perfect forward secrecy
  * [*] use 'random' file, read from '/dev/urandom?'
  * [*] emphermal DH keys, default values
! * [*] periodic renegotiation
  * [ ] private key permissions
  *
  * milestone 4: provide endpoint authentication (client)
***************
*** 142,147 ****
--- 148,159 ----
  #endif
  #ifdef USE_SSL
+ /*
+ * How much data can be sent across a secure connection
+ * (total in both directions) before we require renegotiation.
+ */
+ #define RENEGOTIATION_LIMIT (64 * 1024)
+
  static SSL_CTX *SSL_context = NULL;
  #endif
***************
*** 277,286 ****
--- 289,305 ----
  #ifdef USE_SSL
  if (port->ssl)
  {
+ if (port->count > RENEGOTIATION_LIMIT)
+ {
+ SSL_renegotiate(port->ssl);
+ port->count = 0;
+ }
+
  n = SSL_read(port->ssl, ptr, len);
  switch (SSL_get_error(port->ssl, n))
  {
  case SSL_ERROR_NONE:
+ port->count += n;
  break;
  case SSL_ERROR_WANT_READ:
  break;
***************
*** 320,329 ****
--- 339,355 ----
  #ifdef USE_SSL
  if (port->ssl)
  {
+ if (port->count > RENEGOTIATION_LIMIT)
+ {
+ SSL_renegotiate(port->ssl);
+ port->count = 0;
+ }
+
  n = SSL_write(port->ssl, ptr, len);
  switch (SSL_get_error(port->ssl, n))
  {
  case SSL_ERROR_NONE:
+ port->count += n;
  break;
  case SSL_ERROR_WANT_WRITE:
  break;
***************
*** 610,615 ****
--- 636,642 ----
  close_SSL(port);
  return -1;
  }
+ port->count = 0;
  return 0;
  }
Index: postgresql/src/include/libpq/libpq-be.h
diff -c postgresql/src/include/libpq/libpq-be.h:1.1.1.1 postgresql/src/include/libpq/libpq-be.h:1.2
*** postgresql/src/include/libpq/libpq-be.h:1.1.1.1 Thu May 23 22:56:19 2002
--- postgresql/src/include/libpq/libpq-be.h Sat May 25 00:33:05 2002
***************
*** 11,17 ****
  * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
! * $Id: libpq-be.h,v 1.1.1.1 2002/05/24 04:56:19 bear Exp $
  *
  *-------------------------------------------------------------------------
  */
--- 11,17 ----
  * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
! * $Id: libpq-be.h,v 1.2 2002/05/25 06:33:05 bear Exp $
  *
  *-------------------------------------------------------------------------
  */
***************
*** 70,75 ****
--- 70,76 ----
  */
  #ifdef USE_SSL
  SSL *ssl;
+ unsigned long count;
  #endif
  } Port;
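Review bot: `RENEGOTIATION_LIMIT` is a compile-time constant of 64 KiB, counted across both directions, so any bulk transfer requests a new handshake about every 64 KiB and an operator can neither raise the threshold nor turn the feature off. Each handshake costs the server key-exchange work, so a peer that simply moves a lot of data can drive CPU load well above what the payload justifies. I would make this a run-time setting with a much larger default and let 0 mean "never renegotiate". The comment should also name the unit, e.g. `/* Bytes (both directions combined) sent on one session key before renegotiation is requested. */`.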
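Review bot: In the `port->count > RENEGOTIATION_LIMIT` block before `SSL_read`, the result of `SSL_renegotiate(port->ssl)` is discarded and `port->count` is reset to 0 unconditionally, so a refused or never-completed renegotiation still restarts the budget and the old session key stays in use with nothing reported. SSL_renegotiate() only schedules a handshake that later I/O calls carry out, so the reset does not show that new keys are in place. At minimum, tie the reset to success with `if (SSL_renegotiate(port->ssl) == 1) port->count = 0;` and report the failure case through whatever logging this file already uses. It is also worth deciding whether a connection that keeps failing to renegotiate should be closed. The identical block before `SSL_write` in the next hunk needs the same change; both enclosing functions start and end outside their hunks.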
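Review bot: The new `count` member of `Port` has a generic name and no comment, although it is the only state behind the key-renewal policy and is touched from three places in be-secure.c. I would document it where it is declared, for example `unsigned long count; /* bytes moved over ssl (read + write) since the last renegotiation request */`, or rename it to something that says so. The struct definition starts outside this hunk.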