Quick Links

Re: Recent vendor SSL renegotiation patches break PostgreSQL

From:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To:	Robert Haas <robertmhaas(at)gmail(dot)com>
Cc:	Chris Campbell <chris_campbell(at)mac(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Recent vendor SSL renegotiation patches break PostgreSQL
Date:	2010-02-03 15:21:25
Message-ID:	10424.1265210485@sss.pgh.pa.us
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> Should we think about adding a GUC to disable renegotiation until this
> blows over?

Bad idea: once set, it'll never get unset, thus leaving installations
with a weakened security posture even after they've installed fixed
versions of openssl.

regards, tom lane

In response to

Re: Recent vendor SSL renegotiation patches break PostgreSQL at 2010-02-03 15:03:45 from Robert Haas

Responses

Re: Recent vendor SSL renegotiation patches break PostgreSQL at 2010-02-03 15:28:48 from Robert Haas
Re: Recent vendor SSL renegotiation patches break PostgreSQL at 2010-02-03 15:55:47 from Michael Ledford

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Robert Haas	2010-02-03 15:28:48	Re: Recent vendor SSL renegotiation patches break PostgreSQL
Previous Message	Robert Haas	2010-02-03 15:20:52	Re: Largeobject Access Controls (r2460)