| From: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com> |
|---|---|
| To: | Cameron Vogt <cvogt(at)automaticcontrols(dot)net> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org>, Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Subject: | Re: TLS session tickets disabled? |
| Date: | 2024-08-15 17:52:32 |
| Message-ID: | CAOYmi+=o+REWkgJa4URz8Cp_m2xd+g+YPJbk77BrYhNUfynWag@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Thu, Aug 15, 2024 at 10:36 AM Cameron Vogt
<cvogt(at)automaticcontrols(dot)net> wrote:
> I don't know enough about TLS handshakes and session tickets to know where the bug truly lies (PostgreSQL/OpenSSL vs .NET's SslStream).
I'm getting the feeling that this is our bug, and that we should be
using both SSL_OP_NO_TICKET (for TLSv1.2) and SSL_CTX_set_num_tickets
(for TLSv1.3). I don't see any indication in the docs or source that
the latter does anything for 1.2.
(cc'ing Daniel)
--Jacob
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David G. Johnston | 2024-08-15 18:30:08 | Re: BUG #18583: jsonb_populate_record return values cannot be queried correctly in subselects |
| Previous Message | Euler Taveira | 2024-08-15 15:13:06 | Re: BUG #18580: The pg_similarity appears to be wrong |