Skip site navigation (1) Skip section navigation (2)

Re: Recent vendor SSL renegotiation patches break PostgreSQL

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Chris Campbell <chris_campbell(at)mac(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Recent vendor SSL renegotiation patches break PostgreSQL
Date: 2010-02-03 15:21:25
Message-ID: 10424.1265210485@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> Should we think about adding a GUC to disable renegotiation until this
> blows over?

Bad idea: once set, it'll never get unset, thus leaving installations
with a weakened security posture even after they've installed fixed
versions of openssl.

			regards, tom lane

In response to

Responses

pgsql-hackers by date

Next:From: Robert HaasDate: 2010-02-03 15:28:48
Subject: Re: Recent vendor SSL renegotiation patches break PostgreSQL
Previous:From: Robert HaasDate: 2010-02-03 15:20:52
Subject: Re: Largeobject Access Controls (r2460)

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group