Quick Links

Re: OpenSSL key renegotiation with patched openssl

From:	Dave Cramer <davecramer(at)gmail(dot)com>
To:	Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc:	PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject:	Re: OpenSSL key renegotiation with patched openssl
Date:	2009-11-27 21:22:51
Message-ID:	4B10432B.4080203@gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

Tom Lane wrote:
> Dave Cramer <pg(at)fastcrypt(dot)com> writes:
>
>> Recently openssl has been patched to not renegotiate keys.
>> http://www.links.org/?p=780
>> After a certain amount of data has gone through a postgresql connection
>> the server will attempt to switch session keys.
>> What is the workaround (if any ) to avoid this in postgresql ?
>>
>
> Install the updated openssl library. Why are you bugging us about
> an openssl patch?
>
> regards, tom lane
>
After applying the updated openssl library slony dies, presumably
because the server requests a new session key

Dave

In response to

Re: OpenSSL key renegotiation with patched openssl at 2009-11-27 21:16:54 from Tom Lane

Responses

Re: OpenSSL key renegotiation with patched openssl at 2009-11-27 21:37:58 from Tom Lane

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Dave Cramer	2009-11-27 21:25:12	Re: OpenSSL key renegotiation with patched openssl
Previous Message	Tom Lane	2009-11-27 21:16:54	Re: OpenSSL key renegotiation with patched openssl