database/postgres
database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-04-24 10:47:04 +03:00
Code
postgres/src/backend/libpq
History
Magnus Hagander abf23ee86d Reject certificates with embedded NULLs in the commonName field. This stops 
attacks where an attacker would put <attack>\0<propername> in the field and
trick the validation code that the certificate was for <attack>.

This is a very low risk attack since it reuqires the attacker to trick the
CA into issuing a certificate with an incorrect field, and the common
PostgreSQL deployments are with private CAs, and not external ones. Also,
default mode in 8.4 does not do any name validation, and is thus also not
vulnerable - but the higher security modes are.

Backpatch all the way. Even though versions 8.3.x and before didn't have
certificate name validation support, they still exposed this field for
the user to perform the validation in the application code, and there
is no way to detect this problem through that API.

Security: CVE-2009-4034
2009-12-09 06:37:06 +00:00
..
auth.c
Rewrite pam_passwd_conv_proc to be more robust: avoid assuming that the
2009-10-16 22:08:36 +00:00
be-fsstubs.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
be-secure.c
Reject certificates with embedded NULLs in the commonName field. This stops
2009-12-09 06:37:06 +00:00
crypt.c
Remove the use of the pg_auth flat file for client authentication.
2009-08-29 19:26:52 +00:00
hba.c
Fix assorted memory leaks in pg_hba.conf parsing. Over a sufficiently
2009-10-03 20:04:39 +00:00
ip.c
Support "samehost" and "samenet" specifications in pg_hba.conf,
2009-10-01 01:58:58 +00:00
Makefile
Refactor backend makefiles to remove lots of duplicate code
2008-02-19 10:30:09 +00:00
md5.c
Fix possible buffer overrun and/or unportable behavior in pg_md5_encrypt()
2009-09-15 02:31:15 +00:00
pg_hba.conf.sample
Support "samehost" and "samenet" specifications in pg_hba.conf,
2009-10-01 01:58:58 +00:00
pg_ident.conf.sample
Improve comments in pg_ident.conf.sample.
2009-05-16 20:43:46 +00:00
pqcomm.c
Update copyright for 2009.
2009-01-01 17:24:05 +00:00
pqformat.c
8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list
2009-06-11 14:49:15 +00:00
pqsignal.c
Remove the use of the pg_auth flat file for client authentication.
2009-08-29 19:26:52 +00:00
README.SSL
Remove large parts of the old SSL readme, that consisted of a couple
2008-10-24 11:48:29 +00:00

README.SSL 

$PostgreSQL: pgsql/src/backend/libpq/README.SSL,v 1.7 2008/10/24 11:48:29 mha Exp $

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup
     




>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------