Re: Recent vendor SSL renegotiation patches break PostgreSQL

Chris Campbell <chris_campbell@mac.com>

From: Chris Campbell <chris_campbell@mac.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Magnus Hagander <magnus@hagander.net>, Bruce Momjian <bruce@momjian.us>, Robert Haas <robertmhaas@gmail.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2010-02-22T17:31:17Z
Lists: pgsql-hackers
On Feb 22, 2010, at 12:25 PM, Tom Lane wrote:

> I think we already missed the window where it would have been sensible
> to install a hack workaround for this.  If we'd done that in November
> it might have been reasonable, but by now it's too late for any hack
> we install to spread much faster than fixed openssl libraries.

Could we simply ignore renegotiation errors? Or change them to warnings? That may enable us to work with the semi-fixed OpenSSL libraries that are currently in the field, without disabling the functionality altogether. 

- Chris