From: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Andres Freund <andres(at)anarazel(dot)de>, Simon Riggs <simon(at)2ndquadrant(dot)com>, Shay Rojansky <roji(at)roji(dot)org>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, "Pgsql-hackers(at)postgresql(dot)org" <Pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Allow ssl_renegotiation_limit in PG 9.5 |
Date: | 2015-10-17 14:18:50 |
Message-ID: | CANP8+jLt-iN5E6uP6M5mHXwRHtUB7qSN7rhHEKL_qriR6_O61g@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 17 October 2015 at 14:39, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Andres Freund <andres(at)anarazel(dot)de> writes:
> > Having to backpatch a new parameter to all supported versions seems far
> > more invasive than adding a guc that can only be set to one value.
>
> Indeed. It is completely stupid to do this in any other way except
> by reinstating ssl_renegotiation_limit as an ordinary GUC variable
> whose min and max are both zero.
>
Agreed, my suggestion requires we can set that GUC, but we can set
not-in-file also.
> Quite aside from the implementation effort of inventing some
> single-purpose kluge to do it another way, that solution would also
> cover the complaints we're doubtless gonna get that "SET
> ssl_renegotiation_limit = 0" doesn't work anymore.
>
Agreed, single purpose kluge is a bad thing.
Rough patch for the extensible, backpatchable, non-invasive proposal
attached.
--
Simon Riggs http://www.2ndQuadrant.com/
<http://www.2ndquadrant.com/>
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
Attachment | Content-Type | Size |
---|---|---|
startup_option_driver.v1.patch | application/octet-stream | 1.4 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Michael Paquier | 2015-10-17 14:25:23 | Re: checkpoint_segments upgrade recommendation? |
Previous Message | David G. Johnston | 2015-10-17 14:15:24 | Re: WIP: lookbehind constraints for our regexp engine |