src/backend/libpq/README.SSL


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup
     

>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

Comments from Bear Giles:

On a related note, I had mentioned this before but it's a subtle point 
and I'm sure that it's slipped everyone's mind...

 - if you need to have confidence in the identity of the database 
server, e.g., you're storing sensitive information and you absolutely 
must prevent any "man in the middle" attacks, use the SSL code I 
provided with server-side certs.  To many users, the key issue is not 
whether the data is encrypted, it's whether the other party can be 
trusted to be who they claim to be.

- if you just need confidentiality, but you don't need to verify the 
identity of the database server (e.g., because you trust the IP address,
but worry about packet sniffers), SSH tunnels are much easier to set up 
and maintain than the embedded SSL code.  You can set up the database 
server so it doesn't require a certificate (hell, you can hard code a 
fallback certificate into the server!), *but that violates the common 
practice of SSL-enabled servers.*  I cannot overemphasize this - every 
other SSL-enabled server requires a certificate, and most provide 
installation scripts to create a "snake oil" temporary certificate.  I 
can't think of  any server (apache+mod_ssl, courier-imap, postfix(+tls),
etc.) that uses anonymous servers.

- if you don't need confidentiality, e.g., you're on a trusted network 
segment, then use direct access to the server port.