| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Should we back-patch SSL renegotiation fixes? |
| Date: | 2015-06-24 19:07:35 |
| Message-ID: | 558AFFF7.8070901@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 6/24/15 12:26 PM, Tom Lane wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:
>> On 2015-06-24 11:57:53 -0400, Peter Eisentraut wrote:
>>> If Red Hat fixes their bug, then PostgreSQL doesn't have any actual
>>> problem anymore, does it?
>
>> It does, there are numerous bugs around renegotiation that exist with
>> upstream openssl and postgres. More in the older branches, but even in
>> HEAD we break regularly. Most only occur in replication connections (due
>> to copy both) and/or when using more complex clients where clients and
>> servers send data at the same time due to pipelining.
>
> The lesson to learn from the Red Hat fiasco is that vendors are not
> adequately testing renegotiation either. All the more reason to get
> out from under it. I did not like being told that "Postgres fails and
> $randomapp doesn't, therefore it's Postgres' problem" when actually
> the difference was that $randomapp doesn't invoke renegotiation.
I'm fine with removing renegotiation. But the original proposal was to
backpatch renegation changes, which seemed like replacing one problem
variation with another, and does not sound comfortable given recent
backpatching record.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2015-06-24 19:11:22 | object_classes array is broken, again |
| Previous Message | Simon Riggs | 2015-06-24 19:06:37 | Re: Trustly PostgreSQL Data Corruption Bug Bounty Program |