From 32001ab0b7b4ee143e195f100543f531757a555b Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Mon, 24 Feb 2014 20:30:28 -0500
Subject: [PATCH] Update and clarify ssl_ciphers default
- Write HIGH:MEDIUM instead of DEFAULT:!LOW:!EXP for clarity.
- Order 3DES last to work around inappropriate OpenSSL default.
- Remove !MD5 and @STRENGTH, because they are irrelevant.
- Add clarifying documentation.
Effectively, the new default is almost the same as the old one, but it
is arguably easier to understand and modify.
Author: Marko Kreen <markokr@gmail.com>
---
doc/src/sgml/config.sgml | 65 ++++++++++++++++++-
src/backend/utils/misc/guc.c | 2 +-
src/backend/utils/misc/postgresql.conf.sample | 2 +-
3 files changed, 64 insertions(+), 5 deletions(-)
diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index 91a601559f0..cf11306f6cb 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -889,12 +889,71 @@ include 'filename'
</indexterm>
<listitem>
<para>
- Specifies a list of <acronym>SSL</> ciphers that are allowed to be
+ Specifies a list of <acronym>SSL</> cipher suites that are allowed to be
used on secure connections. See
the <citerefentry><refentrytitle>ciphers</></citerefentry> manual page
in the <application>OpenSSL</> package for the syntax of this setting
- and a list of supported values. The default value is usually
- reasonable, unless you have specific security requirements.
+ and a list of supported values. The default value is
+ <literal>HIGH:MEDIUM:+3DES:!aNULL</>. It is usually reasonable,
+ unless you have specific security requirements.
+ </para>
+
+ <para>
+ Explanation of the default value:
+ <variablelist>
+ <varlistentry>
+ <term><literal>HIGH</literal></term>
+ <listitem>
+ <para>
+ Cipher suites that use ciphers from <literal>HIGH</> group (e.g.,
+ AES, Camellia, 3DES)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>MEDIUM</literal></term>
+ <listitem>
+ <para>
+ Cipher suites that use ciphers from <literal>MEDIUM</> group
+ (e.g., RC4, SEED)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>+3DES</literal></term>
+ <listitem>
+ <para>
+ The OpenSSL default order for <literal>HIGH</> is problematic
+ because it orders 3DES higher than AES128. This is wrong because
+ 3DES offers less security than AES128, and it is also much
+ slower. <literal>+3DES</> reorders it after all other
+ <literal>HIGH</> and <literal>MEDIUM</> ciphers.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>!aNULL</literal></term>
+ <listitem>
+ <para>
+ Disables anonymous cipher suites that do no authentication. Such
+ cipher suites are vulnerable to man-in-the-middle attacks and
+ therefore should not be used.
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
+
+ <para>
+ Available cipher suite details will vary across OpenSSL versions. Use
+ the command
+ <literal>openssl ciphers -v 'HIGH:MEDIUM:+3DES:!aNULL'</literal> to
+ see actual details for the currently installed <application>OpenSSL</>
+ version. Note that this list is filtered at run time based on the
+ server key type.
</para>
</listitem>
</varlistentry>
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index aa5a8757fa3..b27cb89a289 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -3237,7 +3237,7 @@ static struct config_string ConfigureNamesString[] =
},
&SSLCipherSuites,
#ifdef USE_SSL
- "DEFAULT:!LOW:!EXP:!MD5:@STRENGTH",
+ "HIGH:MEDIUM:+3DES:!aNULL",
#else
"none",
#endif
diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample
index 07341e72a43..ce56059ceb2 100644
--- a/src/backend/utils/misc/postgresql.conf.sample
+++ b/src/backend/utils/misc/postgresql.conf.sample
@@ -79,7 +79,7 @@
#authentication_timeout = 1min # 1s-600s
#ssl = off # (change requires restart)
-#ssl_ciphers = 'DEFAULT:!LOW:!EXP:!MD5:@STRENGTH' # allowed SSL ciphers
+#ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
# (change requires restart)
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
--
GitLab