Disable all TLS session tickets

OpenSSL supports two types of session tickets for TLSv1.3, stateless
and stateful. The option we've used only turns off stateless tickets
leaving stateful tickets active. Use the new API introduced in 1.1.1
to disable all types of tickets.

Backpatch to all supported versions.

Reviewed-by: Heikki Linnakangas 
Reported-by: Andres Freund 
Discussion: https://postgr.es/m/20240617173803[email protected]
Backpatch-through: v12

diff --git a/configure b/configure
index f30e481fbe50654ad663b79fa298cf6b4f197810..f2ef6da3032a98023508efe246697ec3a6ea326b 100755 (executable)
--- a/configure
+++ b/configure
@@ -12740,12 +12740,13 @@ fi
 done
 
   # Function introduced in OpenSSL 1.1.1.
-  for ac_func in X509_get_signature_info
+  for ac_func in X509_get_signature_info SSL_CTX_set_num_tickets
 do :
-  ac_fn_c_check_func "$LINENO" "X509_get_signature_info" "ac_cv_func_X509_get_signature_info"
-if test "x$ac_cv_func_X509_get_signature_info" = xyes; then :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
   cat >>confdefs.h <<_ACEOF
-#define HAVE_X509_GET_SIGNATURE_INFO 1
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
 _ACEOF
 
 fi

diff --git a/configure.in b/configure.in
index 748d061a55cc126c150b50ce33807e764159f4fd..be3b3412a832252ec10eb98bfb86b3d9df89f3d2 100644 (file)
--- a/configure.in
+++ b/configure.in
@@ -1281,7 +1281,7 @@ if test "$with_openssl" = yes ; then
   # function was removed.
   AC_CHECK_FUNCS([CRYPTO_lock])
   # Function introduced in OpenSSL 1.1.1.
-  AC_CHECK_FUNCS([X509_get_signature_info])
+  AC_CHECK_FUNCS([X509_get_signature_info SSL_CTX_set_num_tickets])
 fi
 
 if test "$with_pam" = yes ; then

diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index 2f7eda764f1c656074bd58245c55e66697a82149..503132d010dabc0d8f6a84801d897bfda4b73a89 100644 (file)
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -242,8 +242,20 @@ be_tls_init(bool isServerStart)
        }
    }
 
-   /* disallow SSL session tickets */
+   /*
+    * Disallow SSL session tickets. OpenSSL use both stateful and stateless
+    * tickets for TLSv1.3, and stateless ticket for TLSv1.2. SSL_OP_NO_TICKET
+    * is available since 0.9.8f but only turns off stateless tickets. In
+    * order to turn off stateful tickets we need SSL_CTX_set_num_tickets,
+    * which is available since OpenSSL 1.1.1. LibreSSL 3.5.4 (from OpenBSD
+    * 7.1) introduced this API for compatibility, but doesn't support session
+    * tickets at all so it's a no-op there.
+    */
+#ifdef HAVE_SSL_CTX_SET_NUM_TICKETS
+   SSL_CTX_set_num_tickets(context, 0);
+#else
    SSL_CTX_set_options(context, SSL_OP_NO_TICKET);
+#endif
 
    /* disallow SSL session caching, too */
    SSL_CTX_set_session_cache_mode(context, SSL_SESS_CACHE_OFF);

diff --git a/src/include/pg_config.h.in b/src/include/pg_config.h.in
index 978e685c7043988549283b84ab82d539e4a913f4..23ca6ed812a0c48b75606f5f1112f0eeb91f5061 100644 (file)
--- a/src/include/pg_config.h.in
+++ b/src/include/pg_config.h.in
@@ -686,6 +686,9 @@
 /* Define to 1 if you have the `X509_get_signature_nid' function. */
 #undef HAVE_X509_GET_SIGNATURE_NID
 
+/* Define to 1 if you have the `SSL_CTX_set_num_tickets' function. */
+#undef HAVE_SSL_CTX_SET_NUM_TICKETS
+
 /* Define to 1 if the assembler supports X86_64's POPCNTQ instruction. */
 #undef HAVE_X86_64_POPCNTQ