Tom Lane wrote:
Dave Cramer p...@fastcrypt.com writes:
Recently openssl has been patched to not renegotiate keys.
http://www.links.org/?p=780
After a certain amount of data has gone through a postgresql connection
the server will attempt to switch session keys.
What is the workaround (if
On Fri, Nov 27, 2009 at 4:58 PM, Tom Lane t...@sss.pgh.pa.us wrote:
Stefan Kaltenbrunner ste...@kaltenbrunner.cc writes:
Tom Lane wrote:
The discussion I saw suggested that you need such a patch at both ends.
and likely requires a restart of both postgresql and slony afterwards...
Actually,
2009/11/27 Tom Lane t...@sss.pgh.pa.us:
Stefan Kaltenbrunner ste...@kaltenbrunner.cc writes:
Tom Lane wrote:
The discussion I saw suggested that you need such a patch at both ends.
and likely requires a restart of both postgresql and slony afterwards...
Actually, after looking through the
Magnus Hagander mag...@hagander.net writes:
I haven't looked into the details but - is there a point for us to
remove the requests for renegotiation completely?
The periodic renegotiations are a recommended security measure.
Fixing one hole by introducing a different attack vector doesn't
seem
Dave Cramer p...@fastcrypt.com writes:
Recently openssl has been patched to not renegotiate keys.
http://www.links.org/?p=780
After a certain amount of data has gone through a postgresql connection
the server will attempt to switch session keys.
What is the workaround (if any ) to avoid this
Tom Lane wrote:
Dave Cramer p...@fastcrypt.com writes:
Recently openssl has been patched to not renegotiate keys.
http://www.links.org/?p=780
After a certain amount of data has gone through a postgresql connection
the server will attempt to switch session keys.
What is the workaround (if
Dave Cramer davecra...@gmail.com writes:
Tom Lane wrote:
Install the updated openssl library. Why are you bugging us about
an openssl patch?
After applying the updated openssl library slony dies, presumably
because the server requests a new session key
The discussion I saw suggested that
Tom Lane wrote:
Dave Cramer davecra...@gmail.com writes:
Tom Lane wrote:
Install the updated openssl library. Why are you bugging us about
an openssl patch?
After applying the updated openssl library slony dies, presumably
because the server requests a new session key
The discussion I
Stefan Kaltenbrunner ste...@kaltenbrunner.cc writes:
Tom Lane wrote:
The discussion I saw suggested that you need such a patch at both ends.
and likely requires a restart of both postgresql and slony afterwards...
Actually, after looking through the available info about this: