diff options
| author | Peter Eisentraut <peter@eisentraut.org> | 2022-09-13 16:10:50 +0200 |
|---|---|---|
| committer | Peter Eisentraut <peter@eisentraut.org> | 2022-09-13 16:10:50 +0200 |
| commit | 257eb57b50f7c65467bfc2f4d579622fa13f3370 (patch) | |
| tree | 74fe36325c4c07f18fba7f6906dc1ef442088bab /src/test/ssl/t | |
| parent | 45b1a67a0fcb3f1588df596431871de4c93cb76f (diff) | |
| download | postgresql-257eb57b50f7c65467bfc2f4d579622fa13f3370.tar.gz postgresql-257eb57b50f7c65467bfc2f4d579622fa13f3370.zip | |
Don't reflect unescaped cert data to the logs
Commit 3a0e385048 introduced a new path for unauthenticated bytes from
the client certificate to be printed unescaped to the logs. There are a
handful of these already, but it doesn't make sense to keep making the
problem worse. \x-escape any unprintable bytes.
The test case introduces a revoked UTF-8 certificate. This requires the
addition of the `-utf8` flag to `openssl req`. Since the existing
certificates all use an ASCII subset, this won't modify the existing
certificates' subjects if/when they get regenerated; this was verified
experimentally with
$ make sslfiles-clean
$ make sslfiles
Unfortunately the test can't be run in the CI yet due to a test timing
issue; see 55828a6b60.
Author: Jacob Champion <jchampion@timescale.com>
Discussion: https://www.postgresql.org/message-id/CAAWbhmgsvHrH9wLU2kYc3pOi1KSenHSLAHBbCVmmddW6-mc_=w@mail.gmail.com
Diffstat (limited to 'src/test/ssl/t')
| -rw-r--r-- | src/test/ssl/t/001_ssltests.pl | 13 | ||||
| -rw-r--r-- | src/test/ssl/t/SSL/Backend/OpenSSL.pm | 3 |
2 files changed, 15 insertions, 1 deletions
diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl index fa26212de9a..efab2ac194c 100644 --- a/src/test/ssl/t/001_ssltests.pl +++ b/src/test/ssl/t/001_ssltests.pl @@ -793,4 +793,17 @@ $node->connect_fails( # ] ); +# revoked client cert, non-ASCII subject +$node->connect_fails( + "$common_connstr user=ssltestuser sslcert=ssl/client-revoked-utf8.crt " + . sslkey('client-revoked-utf8.key'), + "certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory", + expected_stderr => qr/SSL error: sslv3 alert certificate revoked/, + # temporarily(?) skip this check due to timing issue +# log_like => [ +# qr{Client certificate verification failed at depth 0: certificate revoked}, +# qr{Failed certificate data \(unverified\): subject "/CN=\\xce\\x9f\\xce\\xb4\\xcf\\x85\\xcf\\x83\\xcf\\x83\\xce\\xad\\xce\\xb1\\xcf\\x82", serial number 2315420958437414144, issuer "/CN=Test CA for PostgreSQL SSL regression test client certs"}, +# ] +); + done_testing(); diff --git a/src/test/ssl/t/SSL/Backend/OpenSSL.pm b/src/test/ssl/t/SSL/Backend/OpenSSL.pm index a43e64c04fb..6386a253236 100644 --- a/src/test/ssl/t/SSL/Backend/OpenSSL.pm +++ b/src/test/ssl/t/SSL/Backend/OpenSSL.pm @@ -88,7 +88,8 @@ sub init "client.key", "client-revoked.key", "client-der.key", "client-encrypted-pem.key", "client-encrypted-der.key", "client-dn.key", - "client_ext.key", "client-long.key"); + "client_ext.key", "client-long.key", + "client-revoked-utf8.key"); foreach my $keyfile (@keys) { copy("ssl/$keyfile", "$cert_tempdir/$keyfile") |