Robert Haas wrote:
On Wed, Feb 3, 2010 at 6:24 AM, Chris Campbell <chris_campb...@mac.com> wrote:
The flurry of patches that vendors have recently been making to OpenSSL to 
address
the potential man-in-the-middle attack during SSL renegotiation have disabled 
SSL
renegotiation altogether in the OpenSSL libraries. Applications that make use 
of SSL
renegotiation, such as PostgreSQL, start failing.

Should we think about adding a GUC to disable renegotiation until this
blows over?

hmm I wonder if we should not go as far as removing the whole renegotiation code, from the field it seems that there are very very few daemons actually doing that kind forced renegotiation.


Stefan

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to