Re: SSL renegotiation
Noah Misch <noah@leadboat.com>
From: Noah Misch <noah@leadboat.com>
To: David Fetter <david@fetter.org>
Cc: Alvaro Herrera <alvherre@2ndquadrant.com>,
Troels Nielsen <bn.troels@gmail.com>,
Pg Hackers <pgsql-hackers@postgresql.org>,
Sean Chittenden <sean@chittenden.org>
Date: 2013-07-16T23:19:49Z
Lists: pgsql-hackers
On Tue, Jul 16, 2013 at 10:41:44AM -0700, David Fetter wrote: > On Fri, Jul 12, 2013 at 08:51:52PM -0400, Noah Misch wrote: > > Agreed. The OpenSSL Project last applied a security fix to 0.9.6 > > over eight years ago. Compatibility with 0.9.6 has zero or negative > > value. > > You've made a persuasive case that we should actively break backward > compatibility here. Would that be complicated to do? Nope. If Alvaro's code change builds under 0.9.6, malfunctioning only at runtime, I suspect we would add a "configure"-time version check and possibly a runtime one as well. -- Noah Misch EnterpriseDB http://www.enterprisedb.com
Commits
-
Well, the discussion about SSL a bit back perked my interest and I did
- 17386ac45345 7.4.1 cited