Re: PostgreSQL not setting OpenSSL session id context?
Shay Rojansky <roji@roji.org>
From: Shay Rojansky <roji@roji.org>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: pgsql-hackers@postgresql.org
Date: 2017-07-30T23:24:11Z
Lists: pgsql-hackers
Attachments
- openssl-set-session-id-context.patch (application/octet-stream) patch
Just to continue the above, I can confirm that adding a simple call to SSL_CTX_set_session_id_context() to be_tls_init() with some arbitrary const value fixes the error for me. Attached is a patch (ideally a test should be done for this, but that's beyond what I can invest at the moment, let me know if it's absolutely necessary). On Mon, Jul 31, 2017 at 1:15 AM, Shay Rojansky <roji@roji.org> wrote: > Hi Tom. > > Again, I know little about this, but from what I understand PostgreSQL > wouldn't actually need to do/implement anything here - the session ticket > might be used only to abbreviate the SSL handshake (this would explain why > it's on by default without any application support). In other words, simply > setting the session context id may make the problem go away and at the same > time unlock the abbreviated SSL handshake optimization. I could be wrong > about this though. > > Whether the above is correct or not, SSL resumption - which removes a > network roundtrip from the connection process - may be a worthy > optimization even for long-lived connections such as PostgreSQL, although > obviously much less valuable than, say, short-lived HTTP connections. > > But regardless, it seems that as you say: if you *don't* want to support > resumption, you're required to explicitly disable it with > SSL_OP_NO_TICKET. > > Just to give some context, Npgsql has its own, internal TLS implementation > which does not implement session tickets at the client side - this is the > workaround currently used. However, it would be much better if the standard > .NET SSL implementation could be used instead (i.e. I'm hoping a backport > would be possible here). > > On Sun, Jul 30, 2017 at 10:59 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > >> I wrote: >> > I think what you need to do is tell SslStream not to expect that PG >> > servers will do session resumption. (I'm a bit astonished that that >> > would be its default assumption in the first place, but whatever.) >> >> Actually, after a bit of further googling, it seems that the brain >> damage here may be on the server side. It seems that OpenSSL will >> send a session ticket if requested, even though the surrounding >> application has given it no means to identify the session (!?). >> Apparently we need to pass SSL_OP_NO_TICKET to SSL_CTX_set_options >> to prevent that from happening. >> >> regards, tom lane >> > >
Commits
-
Disallow SSL session tickets.
- c180d2eb7614 9.2.22 landed
- dda04b9dd1bd 9.3.18 landed
- bebee333c3d2 9.5.8 landed
- b798ea88ac6e 9.6.4 landed
- 97d3a0b0900a 10.0 landed
- 8d05db3d8e0c 9.4.13 landed