Re: SSL renegotiation
Noah Misch <noah@leadboat.com>
From: Noah Misch <noah@leadboat.com>
To: Alvaro Herrera <alvherre@2ndquadrant.com>
Cc: Tom Lane <tgl@sss.pgh.pa.us>, Andres Freund <andres@2ndquadrant.com>,
Robert Haas <robertmhaas@gmail.com>, Magnus Hagander <magnus@hagander.net>,
Pg Hackers <pgsql-hackers@postgresql.org>
Date: 2014-08-26T04:35:33Z
Lists: pgsql-hackers
On Mon, Aug 25, 2014 at 11:46:13PM -0400, Alvaro Herrera wrote: > Tom Lane wrote: > > OK, then maybe end-of-beta is too long. But how much testing will it get > > during development? I know I never use SSL on development installs. > > How many hackers do? > > Just a reminder that I intend to backpatch this (and subsequent fixes). > We've gone over two 9.4 betas now. Maybe it'd be a good thing if the > beta3 announcement carried a note about enabling SSL with a low > ssl_renegotiation_limit setting. To elaborate on my private comments of 2013-10-11, I share Robert's wariness[1] concerning the magic number of 1024 bytes of renegotiation headroom. Use of that number predates your work, but your work turned exhaustion of that headroom into a FATAL error. Situations where the figure is too small will become disruptive, whereas the problem is nearly invisible today. Network congestion is a factor, so the lack of complaints during beta is relatively uninformative. Disabling renegotiation is a quick workaround, fortunately, but needing to use that workaround will damage users' fragile faith in the safety of our minor releases. My recommendation is to either keep this 9.4-only or do focused load testing to determine the actual worst-case headroom requirement. [1] http://www.postgresql.org/message-id/CA+TgmoZVGmyZLx7e4ARq_5nu4uDeN7wrvg1xJXg_o9c61CHu3g@mail.gmail.com
Commits
-
Well, the discussion about SSL a bit back perked my interest and I did
- 17386ac45345 7.4.1 cited