Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)

From: Andres Freund <andres(at)anarazel(dot)de>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)
Date: 2015-06-24 17:41:27
Message-ID: 20150624174127.GA4797@alap3.anarazel.de
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 2015-06-24 19:35:51 +0200, Andres Freund wrote:
> Our code currently uses crude hacks (c.f. comment around
> SSL_clear_num_renegotiations(), and the loop around SSL_do_handshake()
> in the back branches) to manage renegotiations. There's pending patches
> to substantially increase the amount of ugly hacking to cope with us
> misusing the SSL_read/write protocol.

C.f.
http://archives.postgresql.org/message-id/54DE6FAF.6050005%40vmware.com

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Jeff Janes 2015-06-24 17:54:33 Re: pg_stat_*_columns?
Previous Message Andres Freund 2015-06-24 17:35:51 Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)