Quick Links

Re: Recent vendor SSL renegotiation patches break PostgreSQL

From:	Robert Haas <robertmhaas(at)gmail(dot)com>
To:	Chris Campbell <chris_campbell(at)mac(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Recent vendor SSL renegotiation patches break PostgreSQL
Date:	2010-02-03 15:03:45
Message-ID:	603c8f071002030703v3fea0d12tf06197fcd0da9f74@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On Wed, Feb 3, 2010 at 6:24 AM, Chris Campbell <chris_campbell(at)mac(dot)com> wrote:
> The flurry of patches that vendors have recently been making to OpenSSL to address
> the potential man-in-the-middle attack during SSL renegotiation have disabled SSL
> renegotiation altogether in the OpenSSL libraries. Applications that make use of SSL
> renegotiation, such as PostgreSQL, start failing.

Should we think about adding a GUC to disable renegotiation until this
blows over?

...Robert

In response to

Recent vendor SSL renegotiation patches break PostgreSQL at 2010-02-03 11:24:30 from Chris Campbell

Responses

Re: Recent vendor SSL renegotiation patches break PostgreSQL at 2010-02-03 15:16:29 from Stefan Kaltenbrunner
Re: Recent vendor SSL renegotiation patches break PostgreSQL at 2010-02-03 15:21:25 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Stefan Kaltenbrunner	2010-02-03 15:16:29	Re: Recent vendor SSL renegotiation patches break PostgreSQL
Previous Message	Bruce Momjian	2010-02-03 14:59:10	Partial Page Writes documentaiton mention