| From: | Bastiaan Olij <bastiaan(at)basenlily(dot)me> |
|---|---|
| To: | pgsql-novice(at)postgresql(dot)org |
| Subject: | Re: Backups and SSL |
| Date: | 2011-03-01 05:58:05 |
| Message-ID: | 4D6C8AED.2020808@basenlily.me |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Hi Tom,
Thanks for that, sounds very likely to be the problem. Forgot to mention
that this is running 8.4.6 on Mac OSX (Enterprise DB build) so a pretty
new build. No idea what they are using for SSL libraries though.
Cheers,
Bas
On 1/03/11 3:58 PM, Tom Lane wrote:
>
> Was this dying after several hundred megabytes pushed across the SSL
> connection? If so, it probably is a known issue: many vendors
> lobotomized their SSL libraries' handling of renegotiation as a stopgap
> solution for the security issue CVE-2009-3555, and not everybody has
> adopted a real fix yet. If you are running a reasonably recent version
> of PG (one released since 2010-02-25) you can work around this by
> setting ssl_renegotiation_limit = 0 in postgresql.conf; but a better fix
> would be to update to a non-lobotomized SSL library if possible. Note
> that either the client- or server-side SSL library could be at fault.
>
> regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Barbara Figueirido | 2011-03-01 12:17:36 | Re: Date operations |
| Previous Message | Nick Raj | 2011-03-01 05:44:28 | Re: Spatio-Temporal Function |