Re: [PATCH] Log details for client certificate failures
Jacob Champion <jchampion@timescale.com>
From: Jacob Champion <jchampion@timescale.com>
To: Andres Freund <andres@anarazel.de>
Cc: Peter Eisentraut <peter.eisentraut@enterprisedb.com>,
"pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2022-07-15T20:20:59Z
Lists: pgsql-hackers
On 7/15/22 12:11, Andres Freund wrote: > This might have been discussed somewhere, but I'm worried about emitting > unescaped data from pre-auth clients. What guarantees that subject / issuer > name only contain printable ascii-chars? Printing terminal control chars or > such would not be great, nor would splitting a string at a multi-boundary. Hm. The last time I asked about that, Magnus pointed out that we reflect port->user_name as-is [1], so I kind of stopped worrying about it. Is this more dangerous than that? (And do we want to fix it now, regardless?) What guarantees are we supposed to be making for log encoding? Thanks, --Jacob [1] https://www.postgresql.org/message-id/CABUevExVHryTasKmtJW5RtU-dBesYj4bV7ggpeVMfiPCHCvLNA%40mail.gmail.com
Commits
-
Fix tiny memory leaks
- a9d58bfe8a3a 16.0 landed
-
Don't reflect unescaped cert data to the logs
- 257eb57b50f7 16.0 landed
-
pg_clean_ascii(): escape bytes rather than lose them
- 45b1a67a0fcb 16.0 landed
-
Log details for client certificate failures
- 3a0e385048ad 16.0 landed