[pgpool-committers: 10243] pgpool: Abort SSL negotiation if backend sends an error message.

Tatsuo Ishii ishii at postgresql.org
Tue Nov 26 22:04:31 JST 2024


Abort SSL negotiation if backend sends an error message.

In the client side implementation of SSL negotiation
(pool_ssl_negotiate_clientserver()), it was possible for a
man-in-the-middle attacker to send a long error message to confuse
Pgpool-II or client while in the SSL negotiation phase. This commit
rejects the negotiation immediately (issue a FATAL error) and exits
the session to prevent such an attack.

This resembles PostgreSQL's CVE-2024-10977.
Backpatch-through: v4.1

Branch
------
V4_1_STABLE

Details
-------
https://git.postgresql.org/gitweb?p=pgpool2.git;a=commitdiff;h=ff2cd9f9cf7ae70112d0452d4b400c9404d00ddc

Modified Files
--------------
src/utils/pool_ssl.c | 10 ++++++++++
1 file changed, 10 insertions(+)



More information about the pgpool-committers mailing list