Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit 03a0e0d

Browse files
committed
libpq: Enforce ALPN in direct SSL connections
ALPN is mandatory with direct SSL connections. That is documented, and the server checks it, but libpq was missing the check. Reported-by: Jacob Champion Reviewed-by: Michael Paquier Discussion: https://www.postgresql.org/message-id/CAOYmi+=sj+1uydS0NR4nYzw-LRWp3Q-s5speBug5UCLSPMbvGA@mail.gmail.com
1 parent 87d2801 commit 03a0e0d

File tree

1 file changed

+28
-0
lines changed

1 file changed

+28
-0
lines changed

src/interfaces/libpq/fe-secure-openssl.c

+28
Original file line numberDiff line numberDiff line change
@@ -1585,6 +1585,34 @@ open_client_SSL(PGconn *conn)
15851585
}
15861586
}
15871587

1588+
/* ALPN is mandatory with direct SSL connections */
1589+
if (conn->current_enc_method == ENC_DIRECT_SSL)
1590+
{
1591+
const unsigned char *selected;
1592+
unsigned int len;
1593+
1594+
SSL_get0_alpn_selected(conn->ssl, &selected, &len);
1595+
1596+
if (selected == NULL)
1597+
{
1598+
libpq_append_conn_error(conn, "direct SSL connection was established without ALPN protocol negotiation extension");
1599+
pgtls_close(conn);
1600+
return PGRES_POLLING_FAILED;
1601+
}
1602+
1603+
/*
1604+
* We only support one protocol so that's what the negotiation should
1605+
* always choose, but doesn't hurt to check.
1606+
*/
1607+
if (len != strlen(PG_ALPN_PROTOCOL) ||
1608+
memcmp(selected, PG_ALPN_PROTOCOL, strlen(PG_ALPN_PROTOCOL)) != 0)
1609+
{
1610+
libpq_append_conn_error(conn, "SSL connection was established with unexpected ALPN protocol");
1611+
pgtls_close(conn);
1612+
return PGRES_POLLING_FAILED;
1613+
}
1614+
}
1615+
15881616
/*
15891617
* We already checked the server certificate in initialize_SSL() using
15901618
* SSL_CTX_set_verify(), if root.crt exists.

0 commit comments

Comments
 (0)