Re: Recent vendor SSL renegotiation patches break PostgreSQL
Chris Campbell <chris_campbell@mac.com>
From: Chris Campbell <chris_campbell@mac.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Magnus Hagander <magnus@hagander.net>, Bruce Momjian <bruce@momjian.us>, Robert Haas <robertmhaas@gmail.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2010-02-22T17:31:17Z
Lists: pgsql-hackers
On Feb 22, 2010, at 12:25 PM, Tom Lane wrote: > I think we already missed the window where it would have been sensible > to install a hack workaround for this. If we'd done that in November > it might have been reasonable, but by now it's too late for any hack > we install to spread much faster than fixed openssl libraries. Could we simply ignore renegotiation errors? Or change them to warnings? That may enable us to work with the semi-fixed OpenSSL libraries that are currently in the field, without disabling the functionality altogether. - Chris