Throw if additional unencrypted bytes are left after SSL negotiation (#…

…4131) Closes #4130 (cherry picked from commit b3a5345)
npgsql · Nov 12, 2021 · 85f1a77 · 85f1a77
1 parent fb60757
commit 85f1a77
Showing 1 changed file with 3 additions and 2 deletions.
diff --git a/src/Npgsql/NpgsqlConnector.cs b/src/Npgsql/NpgsqlConnector.cs
@@ -617,7 +617,8 @@ async Task RawOpen(NpgsqlTimeout timeout, bool async, CancellationToken cancella
                         break;
                     }
 
-                    ReadBuffer.Clear();  // Reset to empty after reading single SSL char
+                    if (ReadBuffer.ReadBytesLeft > 0)
+                        throw new NpgsqlException("Additional unencrypted data received after SSL negotiation - this should never happen, and may be an indication of a man-in-the-middle attack.");
                 }
 
                 Log.Trace($"Socket connected to {Host}:{Port}");
@@ -1272,7 +1273,7 @@ void DoCancelRequest(int backendProcessId, int backendSecretKey)
                     .GetAwaiter().GetResult();
                 SendMessage(new CancelRequestMessage(backendProcessId, backendSecretKey));
 
-                Debug.Assert(ReadBuffer.ReadPosition == 0);
+                Debug.Assert(ReadBuffer.ReadBytesLeft == 0);
 
                 // Now wait for the server to close the connection, better chance of the cancellation
                 // actually being delivered before we continue with the user's logic.