| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Noah Misch <noah(at)leadboat(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) |
| Date: | 2015-07-11 12:09:05 |
| Message-ID: | CAB7nPqQnjiDixR5qNJ86QnM++sKpyTedTNLF_vNPmVtu5xOZyQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Fri, Jul 10, 2015 at 7:47 PM, Andres Freund <andres(at)anarazel(dot)de> wrote:
> On 2015-07-01 23:32:23 -0400, Noah Misch wrote:
> > We'd need to be triply confident that we know better than the DBA before
> > removing flexibility in back branches.
> > +1 for just changing the default.
>
> I think we do. But I also think that I pretty clearly lost this
> argument, so let's just change the default.
>
> Is anybody willing to work on this?
>
Something like the patches attached could be considered, one is for master
and REL9_5_STABLE to remove ssl_renegotiation_limit, the second one for
~REL9_4_STABLE to change the default to 0.
Regards,
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| 20150710_ssl_renegotiation_remove-94.patch | binary/octet-stream | 1.7 KB |
| 20150710_ssl_renegotiation_remove-master.patch | binary/octet-stream | 6.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2015-07-11 12:28:49 | Re: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) |
| Previous Message | Tomas Vondra | 2015-07-11 12:00:53 | Re: PATCH: index-only scans with partial indexes |