postgresql/src/include
Tom Lane d1bd26740a Reject extraneous data after SSL or GSS encryption handshake.
The server collects up to a bufferload of data whenever it reads data
from the client socket.  When SSL or GSS encryption is requested
during startup, any additional data received with the initial
request message remained in the buffer, and would be treated as
already-decrypted data once the encryption handshake completed.
Thus, a man-in-the-middle with the ability to inject data into the
TCP connection could stuff some cleartext data into the start of
a supposedly encryption-protected database session.

This could be abused to send faked SQL commands to the server,
although that would only work if the server did not demand any
authentication data.  (However, a server relying on SSL certificate
authentication might well not do so.)

To fix, throw a protocol-violation error if the internal buffer
is not empty after the encryption handshake.

Our thanks to Jacob Champion for reporting this problem.

Security: CVE-2021-23214
2021-11-08 11:01:43 -05:00
..
access Fix CREATE INDEX CONCURRENTLY for the newest prepared transactions. 2021-10-23 18:36:42 -07:00
bootstrap Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
catalog Fix WAL replay in presence of an incomplete record 2021-09-29 11:21:51 -03:00
commands Fix toast rewrites in logical decoding. 2021-08-25 09:32:56 +05:30
common Move connect.h from fe_utils to src/include/common. 2020-08-10 09:22:58 -07:00
datatype Update copyright for 2019 2019-01-02 12:44:25 -05:00
executor Restore the portal-level snapshot after procedure COMMIT/ROLLBACK. 2021-05-21 14:03:53 -04:00
fe_utils Fix parallel restore of FKs to partitioned tables 2019-10-17 09:58:01 +02:00
foreign Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
jit jit: Do not try to shut down LLVM state in case of LLVM triggered errors. 2021-09-13 18:26:18 -07:00
lib Fix incorrect hash table resizing code in simplehash.h 2021-08-13 16:43:13 +12:00
libpq Reject extraneous data after SSL or GSS encryption handshake. 2021-11-08 11:01:43 -05:00
mb Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
nodes Avoid trying to lock OLD/NEW in a rule with FOR UPDATE. 2021-08-19 12:12:35 -04:00
optimizer Fix pull_varnos' miscomputation of relids set for a PlaceHolderVar. 2021-01-21 15:37:23 -05:00
parser Calculate extraUpdatedCols in query rewriter, not parser. 2020-10-28 13:47:02 -04:00
partitioning Fix hash partition pruning with asymmetric partition sets. 2021-01-28 13:41:55 -05:00
port Remove unnecessary declaration in win32_port.h 2021-06-08 13:40:10 +09:00
portability Update copyright for 2019 2019-01-02 12:44:25 -05:00
postmaster Fix race condition between shutdown and unstarted background workers. 2020-12-24 17:00:43 -05:00
regex Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
replication Reset properly snapshot export state during transaction abort 2021-10-18 11:56:54 +09:00
rewrite Calculate extraUpdatedCols in query rewriter, not parser. 2020-10-28 13:47:02 -04:00
snowball Update copyright for 2019 2019-01-02 12:44:25 -05:00
statistics Fix choose_best_statistics to check clauses individually 2019-11-28 22:26:25 +01:00
storage Fix CREATE INDEX CONCURRENTLY for the newest prepared transactions. 2021-10-23 18:36:42 -07:00
tcop Restore the portal-level snapshot after procedure COMMIT/ROLLBACK. 2021-05-21 14:03:53 -04:00
tsearch Don't leak compiled regex(es) when an ispell cache entry is dropped. 2021-03-18 21:44:43 -04:00
utils Avoid race in RelationBuildDesc() affecting CREATE INDEX CONCURRENTLY. 2021-10-23 18:36:42 -07:00
.gitignore Refactor dlopen() support 2018-09-06 11:33:04 +02:00
c.h pg_attribute_no_sanitize_alignment() macro 2021-02-13 17:49:08 -05:00
fmgr.h Fix minor violations of FunctionCallInvoke usage protocol. 2020-04-21 14:23:58 -04:00
funcapi.h Avoid holding a directory FD open across assorted SRF calls. 2020-03-16 21:05:53 -04:00
getaddrinfo.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
getopt_long.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
Makefile Get rid of jsonpath_gram.h and jsonpath_scanner.h 2019-03-20 11:13:34 +03:00
miscadmin.h Refactor CHECK_FOR_INTERRUPTS() to add flexibility. 2021-05-14 12:54:26 -04:00
pg_config.h.in Update configure's probe for libldap to work with OpenLDAP 2.5. 2021-07-09 12:38:55 -04:00
pg_config.h.win32 Stamp 12.8. 2021-08-09 16:50:41 -04:00
pg_config_ext.h.in Autoconfiscate selection of 64-bit int type for 64-bit large object API. 2012-10-07 21:52:43 -04:00
pg_config_ext.h.win32 Autoconfiscate selection of 64-bit int type for 64-bit large object API. 2012-10-07 21:52:43 -04:00
pg_config_manual.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
pg_getopt.h Use our own getopt() on OpenBSD. 2019-01-18 15:06:26 -05:00
pg_trace.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
pgstat.h Add GUC variables for stat tracking and timeout as PGDLLIMPORT 2020-01-21 13:46:55 +09:00
pgtar.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
pgtime.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00
port.h Add fallback implementation for setenv() 2021-06-01 09:27:31 +09:00
postgres.h Change function call information to be variable length. 2019-01-26 14:17:52 -08:00
postgres_ext.h Phase 2 of pgindent updates. 2017-06-21 15:19:25 -04:00
postgres_fe.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
rusagestub.h Update copyright for 2019 2019-01-02 12:44:25 -05:00
windowapi.h Phase 2 pgindent run for v12. 2019-05-22 13:04:48 -04:00