|From:||Andres Freund <andres(at)2ndquadrant(dot)com>|
|To:||Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>|
|Cc:||Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org>|
|Subject:||Re: SSL renegotiation|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
On 2013-11-15 10:58:19 -0500, Tom Lane wrote:
> Andres Freund <andres(at)2ndquadrant(dot)com> writes:
> > On 2013-11-15 10:43:23 -0500, Tom Lane wrote:
> >> Another reason I'm not in a hurry is that the problem we're trying
> >> to solve doesn't seem to be causing real-world trouble. So by
> >> "awhile", I'm thinking "let's let it get through 9.4 beta testing".
> > Well, there have been a bunch of customer complaints about it, afair
> > that's what made Alvaro look into it in the first place. So it's not a
> > victimless bug.
> OK, then maybe end-of-beta is too long. But how much testing will it get
> during development? I know I never use SSL on development installs.
> How many hackers do?
I guess few. And even fewer will actually have connections that live
long enough to experience renegotiations :/.
I wonder how hard it'd be to rig the buildfarm code to generate ssl
certificates and use them during installcheck. If we'd additionally set
a low renegotiation limit...
Andres Freund http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
|Next Message||Tom Lane||2013-11-15 17:17:17||pgsql: Minor comment corrections for sequence hashtable patch.|
|Previous Message||Tom Lane||2013-11-15 15:58:19||Re: SSL renegotiation|
|Next Message||Erik Rijkers||2013-11-15 16:11:46||Re: Minmax indexes (timings)|
|Previous Message||Dimitri Fontaine||2013-11-15 16:04:57||Re: [PATCH] Add transforms feature|