| From: | bceccarelli(at)net32(dot)com |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | BUG #13467: Latest Openssl library forces Postgres to Close Connections |
| Date: | 2015-06-24 13:59:58 |
| Message-ID: | 20150624135958.3874.60281@wrigleys.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
The following bug has been logged on the website:
Bug reference: 13467
Logged by: Brian Ceccarelli
Email address: bceccarelli(at)net32(dot)com
PostgreSQL version: 9.4.1
Operating system: Red Hat Enterprise Linux 7.1
Description:
Red Hat as part of their normal updates, released a new version of openssl
which breaks Postgres communication.
When I load a dump, psql will fail in the middle of loading a 2 GB
database.
Openssl release 1.0.1e 52.el7_1.8 and release 1.0.1e 30.el7_6.11 force
connections to have DH keys longer than 768 bytes.
The older version (1 week old) Openssl release 1.0.1e 52.el7_1.6 and release
1.0.1e 30.el7_6.9 allow 512 byte DH keys. This version works.
I am compiling Postgres from source using with-openssl. When OpenSSL is
enabled, and even though I am not using a secure connection, I get an error
message "SSL closed connection--can't negotiate."
When I disable SSL in any fashion, Postgres still terminates the connection,
but I do not see an error. The communication simply stops and the psql
ends.
Here is what Red Hat is up to:
https://access.redhat.com/errata/RHSA-2015:1072
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Walter Willmertinger | 2015-06-24 14:09:54 | Re: BUG #11550: Error messages contain not encodable characters (Latin9) |
| Previous Message | Michael Paquier | 2015-06-24 07:03:53 | Re: Re: windows 8 RTM compatibility issue (could not reserve shared memory region for child) |