Re: BUG #17760: SCRAM authentication fails with "modern" (rsassaPss signature) server certificate
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Jacob Champion <jchampion@timescale.com>
Cc: Gunnar Nick Bluth <gunnar.bluth@pro-open.de>, Heikki Linnakangas <hlinnaka@iki.fi>, pgsql-bugs@lists.postgresql.org
Date: 2023-02-15T01:22:54Z
Lists: pgsql-bugs
On Mon, Feb 13, 2023 at 09:44:03AM -0800, Jacob Champion wrote: > LGTM too, thanks Michael! I tested against LibreSSL 3.5.3 to > double-check the fallback. Thanks for checking with this one, I don't have LibreSSL in my environment, at least not now. Perhaps I should.. So, I have spent a couple of hours on that, and backpatched the fix down to 11. There were different conflicts for each branch. The new tests have been added in 15~, where the generation of the cert and key files is more straight-forward than ~14. Actually, make sslfiles fails on these branches when using OpenSSL 1.1.1~. Perhaps that may be worth addressing, but the existing tests pass anyway when relying on X509_get_signature_info(), as much as they pass with older versions of OpenSSL. I have done some manual checks with RSA-PSS certs and keys to make sure that channel binding works correctly for these versions (one can just reuse the ones generated on HEAD or REL_15_STABLE in src/test/ssl/ for that). -- Michael
Commits
-
Fix handling of SCRAM-SHA-256's channel binding with RSA-PSS certificates
- 88d606f7cc68 11.20 landed
- a40e7b75e689 12.15 landed
- 2eb8e54cc373 13.11 landed
- 864f80feadea 14.8 landed
- 5fd61055eacf 15.3 landed
- 9244c11afe23 16.0 landed