Re: SSL renegotiation

Noah Misch <noah@leadboat.com>

From: Noah Misch <noah@leadboat.com>
To: David Fetter <david@fetter.org>
Cc: Alvaro Herrera <alvherre@2ndquadrant.com>, Troels Nielsen <bn.troels@gmail.com>, Pg Hackers <pgsql-hackers@postgresql.org>, Sean Chittenden <sean@chittenden.org>
Date: 2013-07-16T23:19:49Z
Lists: pgsql-hackers
On Tue, Jul 16, 2013 at 10:41:44AM -0700, David Fetter wrote:
> On Fri, Jul 12, 2013 at 08:51:52PM -0400, Noah Misch wrote:
> > Agreed.  The OpenSSL Project last applied a security fix to 0.9.6
> > over eight years ago.  Compatibility with 0.9.6 has zero or negative
> > value.
> 
> You've made a persuasive case that we should actively break backward
> compatibility here.  Would that be complicated to do?

Nope.  If Alvaro's code change builds under 0.9.6, malfunctioning only at
runtime, I suspect we would add a "configure"-time version check and possibly
a runtime one as well.

-- 
Noah Misch
EnterpriseDB                                 http://www.enterprisedb.com


Commits

  1. Well, the discussion about SSL a bit back perked my interest and I did