Add configuration parameter ssl_renegotiation_limit to control
Magnus Hagander <magnus@hagander.net>
Add configuration parameter ssl_renegotiation_limit to control how often we do SSL session key renegotiation. Can be set to 0 to disable renegotiation completely, which is required if a broken SSL library is used (broken patches to CVE-2009-3555 a known cause) or when using a client library that can't do renegotiation.
Files
| Path | Change | +/− |
|---|---|---|
| doc/src/sgml/config.sgml | modified | +27 −1 |
| src/backend/libpq/be-secure.c | modified | +5 −4 |
| src/backend/utils/misc/guc.c | modified | +12 −1 |
| src/backend/utils/misc/postgresql.conf.sample | modified | +1 −0 |