diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2010-07-14 17:09:54 +0000 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2010-07-14 17:09:54 +0000 |
| commit | 89ddf54fe5d6a374ffdd6f1eab74beb286ba0d23 (patch) | |
| tree | b769baff7a1d513d2bfc5adea297d8ddee7aca89 /src | |
| parent | f53bc2e78d206290c2b40b6aac0b208f4d115e20 (diff) | |
Allow full SSL certificate verification (wherein libpq checks its host name
parameter against server cert's CN field) to succeed in the case where
both host and hostaddr are specified. As with the existing precedents
for Kerberos, GSSAPI, SSPI, it is the calling application's responsibility
that host and hostaddr match up --- we just use the host name as given.
Per bug #5559 from Christopher Head.
In passing, make the error handling and messages for the no-host-name-given
failure more consistent among these four cases, and correct a lie in the
documentation: we don't attempt to reverse-lookup host from hostaddr
if host is missing.
Back-patch to 8.4 where SSL cert verification was introduced.
Diffstat (limited to 'src')
| -rw-r--r-- | src/interfaces/libpq/fe-auth.c | 16 | ||||
| -rw-r--r-- | src/interfaces/libpq/fe-secure.c | 8 | ||||
| -rw-r--r-- | src/interfaces/libpq/libpq-int.h | 9 |
3 files changed, 17 insertions, 16 deletions
diff --git a/src/interfaces/libpq/fe-auth.c b/src/interfaces/libpq/fe-auth.c index 65f3e2625c0..27493075c43 100644 --- a/src/interfaces/libpq/fe-auth.c +++ b/src/interfaces/libpq/fe-auth.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1994, Regents of the University of California * * IDENTIFICATION - * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.144 2010/03/08 10:01:12 mha Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/fe-auth.c,v 1.144.4.1 2010/07/14 17:09:54 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -206,10 +206,10 @@ pg_krb5_sendauth(PGconn *conn) info.pg_krb5_initialised = 0; - if (!conn->pghost) + if (!(conn->pghost && conn->pghost[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, - "pg_krb5_sendauth: hostname must be specified for Kerberos authentication\n"); + libpq_gettext("host name must be specified\n")); return STATUS_ERROR; } @@ -426,9 +426,10 @@ pg_GSS_startup(PGconn *conn) int maxlen; gss_buffer_desc temp_gbuf; - if (!conn->pghost) + if (!(conn->pghost && conn->pghost[0] != '\0')) { - printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified\n")); + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("host name must be specified\n")); return STATUS_ERROR; } @@ -652,9 +653,10 @@ pg_SSPI_startup(PGconn *conn, int use_negotiate) * but not more complex. We can skip the @REALM part, because Windows will * fill that in for us automatically. */ - if (conn->pghost == NULL) + if (!(conn->pghost && conn->pghost[0] != '\0')) { - printfPQExpBuffer(&conn->errorMessage, libpq_gettext("host name must be specified\n")); + printfPQExpBuffer(&conn->errorMessage, + libpq_gettext("host name must be specified\n")); return STATUS_ERROR; } conn->sspitarget = malloc(strlen(conn->krbsrvname) + strlen(conn->pghost) + 2); diff --git a/src/interfaces/libpq/fe-secure.c b/src/interfaces/libpq/fe-secure.c index 9558010a81c..14a1dcd4599 100644 --- a/src/interfaces/libpq/fe-secure.c +++ b/src/interfaces/libpq/fe-secure.c @@ -11,7 +11,7 @@ * * * IDENTIFICATION - * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.135 2010/07/06 19:19:01 momjian Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/fe-secure.c,v 1.135.2.1 2010/07/14 17:09:54 tgl Exp $ * * NOTES * @@ -589,16 +589,16 @@ static bool verify_peer_name_matches_certificate(PGconn *conn) { /* - * If told not to verify the peer name, don't do it. Return 0 indicating + * If told not to verify the peer name, don't do it. Return true indicating * that the verification was successful. */ if (strcmp(conn->sslmode, "verify-full") != 0) return true; - if (conn->pghostaddr) + if (!(conn->pghost && conn->pghost[0] != '\0')) { printfPQExpBuffer(&conn->errorMessage, - libpq_gettext("verified SSL connections are only supported when connecting to a host name\n")); + libpq_gettext("host name must be specified for a verified SSL connection\n")); return false; } else diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index ca3497f8f78..b968c14a48a 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -12,7 +12,7 @@ * Portions Copyright (c) 1996-2010, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/interfaces/libpq/libpq-int.h,v 1.152 2010/07/06 19:19:01 momjian Exp $ + * $PostgreSQL: pgsql/src/interfaces/libpq/libpq-int.h,v 1.152.2.1 2010/07/14 17:09:54 tgl Exp $ * *------------------------------------------------------------------------- */ @@ -282,10 +282,9 @@ struct pg_conn { /* Saved values of connection options */ char *pghost; /* the machine on which the server is running */ - char *pghostaddr; /* the IPv4 address of the machine on which - * the server is running, in IPv4 - * numbers-and-dots notation. Takes precedence - * over above. */ + char *pghostaddr; /* the numeric IP address of the machine on + * which the server is running. Takes + * precedence over above. */ char *pgport; /* the server's communication port */ char *pgunixsocket; /* the Unix-domain socket that the server is * listening on; if NULL, uses a default |