Re: OpenSSL key renegotiation with patched openssl

From: Dave Cramer <pg(at)fastcrypt(dot)com>
To:
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: OpenSSL key renegotiation with patched openssl
Date: 2009-11-27 21:25:12
Message-ID: 4B1043B8.90104@fastcrypt.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Tom Lane wrote:
> Dave Cramer <pg(at)fastcrypt(dot)com> writes:
>
>> Recently openssl has been patched to not renegotiate keys.
>> http://www.links.org/?p=780
>> After a certain amount of data has gone through a postgresql connection
>> the server will attempt to switch session keys.
>> What is the workaround (if any ) to avoid this in postgresql ?
>>
>
> Install the updated openssl library. Why are you bugging us about
> an openssl patch?
>
> regards, tom lane
>

After applying the updated openssl library slony dies, presumably
because the server requests a new session key

Dave

In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2009-11-27 21:37:58 Re: OpenSSL key renegotiation with patched openssl
Previous Message Dave Cramer 2009-11-27 21:22:51 Re: OpenSSL key renegotiation with patched openssl