aboutsummaryrefslogtreecommitdiff
path: root/src/backend/libpq/be-secure.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/backend/libpq/be-secure.c')
-rw-r--r--src/backend/libpq/be-secure.c24
1 files changed, 22 insertions, 2 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index db7dcc668f1..89cdee63399 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.59.2.4 2009/01/28 15:06:52 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.59.2.5 2009/12/09 06:37:17 mha Exp $
*
* Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database
@@ -899,9 +899,29 @@ aloop:
X509_NAME_oneline(X509_get_subject_name(port->peer),
port->peer_dn, sizeof(port->peer_dn));
port->peer_dn[sizeof(port->peer_dn) - 1] = '\0';
- X509_NAME_get_text_by_NID(X509_get_subject_name(port->peer),
+ r = X509_NAME_get_text_by_NID(X509_get_subject_name(port->peer),
NID_commonName, port->peer_cn, sizeof(port->peer_cn));
port->peer_cn[sizeof(port->peer_cn) - 1] = '\0';
+ if (r == -1)
+ {
+ /* Unable to get the CN, set it to blank so it can't be used */
+ port->peer_cn[0] = '\0';
+ }
+ else
+ {
+ /*
+ * Reject embedded NULLs in certificate common name to prevent attacks like
+ * CVE-2009-4034.
+ */
+ if (r != strlen(port->peer_cn))
+ {
+ ereport(COMMERROR,
+ (errcode(ERRCODE_PROTOCOL_VIOLATION),
+ errmsg("SSL certificate's common name contains embedded null")));
+ close_SSL(port);
+ return -1;
+ }
+ }
}
ereport(DEBUG2,
(errmsg("SSL connection from \"%s\"", port->peer_cn)));
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-01 05:23:53 +0000