summaryrefslogtreecommitdiff
path: root/src/backend/libpq/be-secure.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/backend/libpq/be-secure.c')
-rw-r--r--src/backend/libpq/be-secure.c26
1 files changed, 24 insertions, 2 deletions
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index b854d4337c7..589424c6dd4 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -11,7 +11,7 @@
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43.2.5 2009/01/28 15:06:48 mha Exp $
+ * $Header: /cvsroot/pgsql/src/backend/libpq/be-secure.c,v 1.43.2.6 2009/12/09 06:37:09 mha Exp $
*
* Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database
@@ -801,12 +801,34 @@ open_server_SSL(Port *port)
}
else
{
+ int r;
+
X509_NAME_oneline(X509_get_subject_name(port->peer),
port->peer_dn, sizeof(port->peer_dn));
port->peer_dn[sizeof(port->peer_dn) - 1] = '\0';
- X509_NAME_get_text_by_NID(X509_get_subject_name(port->peer),
+ r = X509_NAME_get_text_by_NID(X509_get_subject_name(port->peer),
NID_commonName, port->peer_cn, sizeof(port->peer_cn));
port->peer_cn[sizeof(port->peer_cn) - 1] = '\0';
+ if (r == -1)
+ {
+ /* Unable to get the CN, set it to blank so it can't be used */
+ port->peer_cn[0] = '\0';
+ }
+ else
+ {
+ /*
+ * Reject embedded NULLs in certificate common name to prevent attacks like
+ * CVE-2009-4034.
+ */
+ if (r != strlen(port->peer_cn))
+ {
+ ereport(COMMERROR,
+ (errcode(ERRCODE_PROTOCOL_VIOLATION),
+ errmsg("SSL certificate's common name contains embedded null")));
+ close_SSL(port);
+ return -1;
+ }
+ }
}
ereport(DEBUG2,
(errmsg("SSL connection from \"%s\"", port->peer_cn)));
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-06 19:12:55 +0000