Don't reflect unescaped cert data to the logs
Peter Eisentraut <peter@eisentraut.org>
Don't reflect unescaped cert data to the logs
Commit 3a0e385048 introduced a new path for unauthenticated bytes from
the client certificate to be printed unescaped to the logs. There are a
handful of these already, but it doesn't make sense to keep making the
problem worse. \x-escape any unprintable bytes.
The test case introduces a revoked UTF-8 certificate. This requires the
addition of the `-utf8` flag to `openssl req`. Since the existing
certificates all use an ASCII subset, this won't modify the existing
certificates' subjects if/when they get regenerated; this was verified
experimentally with
$ make sslfiles-clean
$ make sslfiles
Unfortunately the test can't be run in the CI yet due to a test timing
issue; see 55828a6b60.
Author: Jacob Champion <jchampion@timescale.com>
Discussion: https://www.postgresql.org/message-id/CAAWbhmgsvHrH9wLU2kYc3pOi1KSenHSLAHBbCVmmddW6-mc_=w@mail.gmail.com
Files
| Path | Change | +/− |
|---|---|---|
| src/backend/libpq/be-secure-openssl.c | modified | +31 −26 |
| src/test/ssl/conf/client-revoked-utf8.config | added | +13 −0 |
| src/test/ssl/ssl/client.crl | modified | +10 −9 |
| src/test/ssl/ssl/client-crldir/9bb9e3c3.r0 | modified | +10 −9 |
| src/test/ssl/ssl/client-revoked-utf8.crt | added | +18 −0 |
| src/test/ssl/ssl/client-revoked-utf8.key | added | +27 −0 |
| src/test/ssl/sslfiles.mk | modified | +6 −4 |
| src/test/ssl/ssl/root+client.crl | modified | +10 −9 |
| src/test/ssl/ssl/root+client-crldir/9bb9e3c3.r0 | modified | +10 −9 |
| src/test/ssl/t/001_ssltests.pl | modified | +13 −0 |
| src/test/ssl/t/SSL/Backend/OpenSSL.pm | modified | +2 −1 |
Discussion
- [PATCH] Log details for client certificate failures 52 messages · 2022-05-03 → 2022-10-03