14
* $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.91 2009/05/11 08:06:21 mha Exp $
14
* $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.92 2009/06/11 14:48:58 momjian Exp $
16
16
* Since the server static private key ($DataDir/server.key)
17
17
* will normally be stored unencrypted so that the database
730
730
* Load and verify certificate and private key
732
732
if (SSL_CTX_use_certificate_chain_file(SSL_context,
733
SERVER_CERT_FILE) != 1)
733
SERVER_CERT_FILE) != 1)
735
735
(errcode(ERRCODE_CONFIG_FILE_ERROR),
736
736
errmsg("could not load server certificate file \"%s\": %s",
754
754
if (!S_ISREG(buf.st_mode) || buf.st_mode & (S_IRWXG | S_IRWXO))
756
756
(errcode(ERRCODE_CONFIG_FILE_ERROR),
757
errmsg("private key file \"%s\" has group or world access",
758
SERVER_PRIVATE_KEY_FILE),
759
errdetail("Permissions should be u=rw (0600) or less.")));
757
errmsg("private key file \"%s\" has group or world access",
758
SERVER_PRIVATE_KEY_FILE),
759
errdetail("Permissions should be u=rw (0600) or less.")));
762
762
if (SSL_CTX_use_PrivateKey_file(SSL_context,
763
SERVER_PRIVATE_KEY_FILE,
764
SSL_FILETYPE_PEM) != 1)
763
SERVER_PRIVATE_KEY_FILE,
764
SSL_FILETYPE_PEM) != 1)
766
766
(errmsg("could not load private key file \"%s\": %s",
767
767
SERVER_PRIVATE_KEY_FILE, SSLerrmessage())));
781
781
elog(FATAL, "could not set the cipher list (no valid ciphers available)");
784
* Attempt to load CA store, so we can verify client certificates if needed.
784
* Attempt to load CA store, so we can verify client certificates if
786
787
if (access(ROOT_CERT_FILE, R_OK))
788
789
ssl_loaded_verify_locations = false;
791
* If root certificate file simply not found. Don't log an error here, because
792
* it's quite likely the user isn't planning on using client certificates.
793
* If we can't access it for other reasons, it is an error.
792
* If root certificate file simply not found. Don't log an error here,
793
* because it's quite likely the user isn't planning on using client
794
* certificates. If we can't access it for other reasons, it is an
795
797
if (errno != ENOENT)
798
(errmsg("could not access root certificate file \"%s\": %m",
800
(errmsg("could not access root certificate file \"%s\": %m",
802
804
else if (SSL_CTX_load_verify_locations(SSL_context, ROOT_CERT_FILE, NULL) != 1)
805
* File was there, but we could not load it. This means the file is somehow
806
* broken, and we cannot do verification at all - so abort here.
807
* File was there, but we could not load it. This means the file is
808
* somehow broken, and we cannot do verification at all - so abort
808
811
ssl_loaded_verify_locations = false;
846
* Always ask for SSL client cert, but don't fail if it's not presented. We'll fail later in this case,
847
* based on what we find in pg_hba.conf.
849
* Always ask for SSL client cert, but don't fail if it's not
850
* presented. We'll fail later in this case, based on what we find
849
853
SSL_CTX_set_verify(SSL_context,
850
854
(SSL_VERIFY_PEER |