Re: Fix error handling in be_tls_open_server()
Daniel Gustafsson <daniel@yesql.se>
From: Daniel Gustafsson <daniel@yesql.se>
To: Jacob Champion <jchampion@timescale.com>
Cc: Sergey Shinderuk <s.shinderuk@postgrespro.ru>,
PostgreSQL Hackers <pgsql-hackers@postgresql.org>
Date: 2023-08-23T21:54:03Z
Lists: pgsql-hackers
> On 23 Aug 2023, at 23:47, Jacob Champion <jchampion@timescale.com> wrote: > > On Wed, Aug 23, 2023 at 6:23 AM Daniel Gustafsson <daniel@yesql.se> wrote: >> This has the smell of a theoretical problem, I can't really imagine a >> certificate where which would produce this. Have you been able to trigger it? >> >> Wouldn't a better fix be to error out on len == -1 as in the attached, maybe >> with a "Shouldn't happen" comment? > > Using "cert clientname=DN" in the HBA should let you issue Subjects > without Common Names. Or, if you're using a certificate to authorize > the connection rather than authenticate the user (for example > "scram-sha-256 clientcert=verify-ca" in your HBA), then the certs you > distribute could even be SAN-only with a completely empty Subject. That's a good point, didn't think about those. In those cases the original patch by Sergey seems along the right lines. -- Daniel Gustafsson
Commits
-
Avoid potential pfree on NULL on OpenSSL errors
- f720875a4670 16.1 landed
- 9dc85806d8be 15.5 landed
- 5f3aa309a880 17.0 landed