Re: Recent vendor SSL renegotiation patches break PostgreSQL
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Chris Campbell <chris_campbell@mac.com>, pgsql-hackers@postgresql.org
Date: 2010-02-03T15:28:48Z
Lists: pgsql-hackers
On Wed, Feb 3, 2010 at 10:21 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote: > Robert Haas <robertmhaas@gmail.com> writes: >> Should we think about adding a GUC to disable renegotiation until this >> blows over? > > Bad idea: once set, it'll never get unset, thus leaving installations > with a weakened security posture even after they've installed fixed > versions of openssl. That's a problem, but our current posture of holding our breath doesn't seem to be working either. If we insist on shipping code that doesn't work with currently-distributed versions of OpenSSL, people will do things like, say, shut SSL off. Or packagers of PostgreSQL will apply patches that disable it unconditionally, leaving us with no control. ...Robert