Re: Should we back-patch SSL renegotiation fixes?

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> I do not know at this point whether these behaviors are really the same
>> bug or not, but I wonder whether it's time to consider back-patching the
>> renegotiation fixes we did in 9.4. Specifically, I think maybe we should
>> back-patch 31cf1a1a4, 86029b31e, and 36a3be654. (There are more changes
>> in master, but since those haven't yet shipped in any released branch,
>> and there's been a lot of other rework in the same area, those probably
>> are not back-patch candidates.)
>>
>> Thoughts?

> I have no clear idea how safe it is to back-port these fixes.

Well, it would mean that pre-9.5 branches all behave the same, which
would be an improvement in my book. Also, ISTM that the 9.4 code
for renegotiation assumes a whole lot less than prior branches about
OpenSSL's internal behavior; so it ought to be more robust, even if
some bugs remain.

> Just as a point of reference, we had a customer hit a problem similar
> to bug #12769 on 9.3.x. I think (but am not sure) that 272923a0a may
> have been intended to fix that issue. In a quick search, I didn't
> find any other complaints about renegotiation-related issues from our
> customers.

The problem with trying to adopt code from HEAD is that it probably
depends on the rather invasive changes explained here:
http://www.postgresql.org/message-id/20150126101405.GA31719@awork2.anarazel.de
Even assuming that there's no dependency on the immediate-interrupt
changes, I'm afraid to back-patch anything that invasive.

regards, tom lane