pgsql-server/src/backend/libpq be-secure.c

CVSROOT:    /cvsroot
Module name:    pgsql-server
Changes by:    momjian@svr1.postgresql.org    03/06/11 12:05:50

Modified files:
    src/backend/libpq: be-secure.c

Log message:
    Well, the discussion about SSL a bit back perked my interest and I did
    some reading on the subject.

    1) PostgreSQL uses ephemeral keying, for its connections (good thing)

    2) PostgreSQL doesn't set the cipher list that it allows (bad thing,
    fixed)

    3) PostgreSQL's renegotiation code wasn't text book correct (could be
    bad, fixed)

    4) The rate of renegotiating was insanely low (as Tom pointed out, set
    to a more reasonable level)

    I haven't checked around much to see if there are any other SSL bits
    that need some review, but I'm doing some OpenSSL work right now
    and'll send patches for improvements along the way (if I find them).
    At the very least, the changes in this patch will make security folks
    happier for sure.  The constant renegotiation of sessions was likely a
    boon to systems that had bad entropy gathering means (read: Slowaris
    /dev/rand|/dev/urand != ANDIrand).  The new limit for renegotiations
    is 512MB which should be much more reasonable.

    Sean Chittenden