Fix low-risk potential denial of service against RADIUS login.
Corrupt RADIUS responses were treated as errors and not ignored
(which the RFC2865 states they should be). This meant that a
user with unfiltered access to the network of the PostgreSQL
or RADIUS server could send a spoofed RADIUS response
to the PostgreSQL server causing it to reject a valid login,
provided the attacker could also guess (or brute-force) the
correct port number.
Fix is to simply retry the receive in a loop until the timeout
has expired or a valid (signed by the correct RADIUS server)
Reported by Alan DeKok in bug #5687.
src/backend/libpq/auth.c | 220 ++++++++++++++++++++++++++--------------------
1 files changed, 126 insertions(+), 94 deletions(-)
pgsql-committers by date
|Next:||From: Thom Brown||Date: 2010-10-15 15:16:51|
|Subject: Re: pgsql: Fix low-risk potential denial of service
against RADIUS login.|
|Previous:||From: User Andrewd||Date: 2010-10-15 14:16:13|
|Subject: pgbuildfarm - client-code: facility to add notes for member on server|