Re: pgsql: Fix low-risk potential denial of service against RADIUS login.
From | Thom Brown |
---|---|
Subject | Re: pgsql: Fix low-risk potential denial of service against RADIUS login. |
Date | |
Msg-id | AANLkTik6naZXVctOYVGDj0YNoH=S0uKxt7Oj_EJPHY54@mail.gmail.com |
In reply to | pgsql: Fix low-risk potential denial of service against RADIUS login. (Magnus Hagander <magnus@hagander.net>) |
List | pgsql-committers |
On 15 October 2010 16:03, Magnus Hagander <magnus@hagander.net> wrote:
> Fix low-risk potential denial of service against RADIUS login.
>
> Corrupt RADIUS responses were treated as errors and not ignored
> (which the RFC2865 states they should be). This meant that a
> user with unfiltered access to the network of the PostgreSQL
> or RADIUS server could send a spoofed RADIUS response
> to the PostgreSQL server causing it to reject a valid login,
> provided the attacker could also guess (or brute-force) the
> correct port number.
>
> Fix is to simply retry the receive in a loop until the timeout
> has expired or a valid (signed by the correct RADIUS server)
> packet arrives.
>
> Reported by Alan DeKok in bug #5687.
>
> Branch
> ------
> master
>
> Details
> -------
> http://git.postgresql.org/gitweb?p=postgresql.git;a=commitdiff;h=0e7f7071e893bb171150e53271404b0819a40669
>
> Modified Files
> --------------
> src/backend/libpq/auth.c | 220 ++++++++++++++++++++++++++--------------------
> 1 files changed, 126 insertions(+), 94 deletions(-)

Should this...

    timeoutval = (endtime.tv_sec * 1000000 + endtime.tv_usec) -
                 (now.tv_sec * 1000000 + now.tv_usec);

be parenthesised a bit more? Given operator precedence, I'm assuming this makes it...

    timeoutval = ((endtime.tv_sec * 1000000) + endtime.tv_usec) -
                 ((now.tv_sec * 1000000) + now.tv_usec);

--
Thom Brown
Twitter: @darkixion
IRC (freenode): dark_ixion
Registered Linux user: #516935
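The shape of the fix described in the quoted commit, as an added illustration that is not the PostgreSQL code from auth.c: a reply is accepted only if its RFC 2865 Response Authenticator verifies under the shared secret, and anything else is ignored while the receive loop keeps waiting until the deadline, recomputing the remaining timeout on every pass. The secret, Request Authenticator and the `recv` callback are constructed stand-ins.

```python
import hashlib
import hmac
import struct
import time

# Constructed sample values; none of these come from the commit or from PostgreSQL.
SECRET = b"constructed-shared-secret"
REQUEST_AUTH = bytes(range(16))          # Request Authenticator sent with the Access-Request
ACCESS_ACCEPT, ACCESS_REJECT = 2, 3      # RADIUS packet codes (RFC 2865)

def response_authenticator(code, ident, attrs, request_auth, secret):
    """RFC 2865: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()

def build_response(code, ident, attrs, request_auth, secret):
    """Build a reply the way the RADIUS server does; a spoofer lacks the right secret."""
    auth = response_authenticator(code, ident, attrs, request_auth, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def valid_response(packet, ident, request_auth, secret):
    """Return the packet code if it is well-formed and signed by our server, else None."""
    if len(packet) < 20:
        return None
    code, pid, length = struct.unpack("!BBH", packet[:4])
    if pid != ident or length != len(packet):
        return None
    expected = response_authenticator(code, pid, packet[20:], request_auth, secret)
    if not hmac.compare_digest(packet[4:20], expected):
        return None
    return code

def receive_until_valid(recv, ident, request_auth, secret, timeout_s, clock=time.monotonic):
    """Keep receiving until the deadline passes or a valid reply arrives.

    recv(remaining_seconds) returns the next datagram, or None if none arrived in time.
    """
    endtime = clock() + timeout_s
    while True:
        remaining = endtime - clock()          # recomputed each pass, like timeoutval
        if remaining <= 0:
            return "timeout"
        packet = recv(remaining)
        if packet is None:
            return "timeout"
        code = valid_response(packet, ident, request_auth, secret)
        if code is None:
            continue                           # corrupt or spoofed: ignore, keep waiting
        return "accept" if code == ACCESS_ACCEPT else "reject"
```

A spoofed reply that cannot carry a valid authenticator is therefore dropped instead of turning into a rejected login, which is the denial of service the commit closes.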