On Fri, Jun 26, 2015 at 9:59 AM, Andres Freund and...@anarazel.de wrote:
Generally I'd agree that that is a bad thing. But there's really not
much of a observable behaviour change in this case? Except that
connections using ssl break less often.
Well, SSL renegotiation exists for a reason: to
Robert Haas robertmh...@gmail.com writes:
On Fri, Jun 26, 2015 at 9:59 AM, Andres Freund and...@anarazel.de wrote:
Generally I'd agree that that is a bad thing. But there's really not
much of a observable behaviour change in this case? Except that
connections using ssl break less often.
On 2015-06-26 10:26:58 -0400, Robert Haas wrote:
On Fri, Jun 26, 2015 at 9:59 AM, Andres Freund and...@anarazel.de wrote:
Generally I'd agree that that is a bad thing. But there's really not
much of a observable behaviour change in this case? Except that
connections using ssl break less
On Thu, Jun 25, 2015 at 8:03 AM, Andres Freund and...@anarazel.de wrote:
I don't accept the argument that there are not ways to tell users
about things they might want to do.
We probably could do that. But why would we want to? It's just as much
work, and puts the onus on more people?
On 2015-06-26 09:53:30 -0400, Robert Haas wrote:
On Thu, Jun 25, 2015 at 8:03 AM, Andres Freund and...@anarazel.de wrote:
I don't accept the argument that there are not ways to tell users
about things they might want to do.
We probably could do that. But why would we want to? It's just as
On 06/26/2015 04:53 PM, Robert Haas wrote:
On Thu, Jun 25, 2015 at 8:03 AM, Andres Freund and...@anarazel.de wrote:
I don't accept the argument that there are not ways to tell users
about things they might want to do.
We probably could do that. But why would we want to? It's just as much
On 06/25/2015 03:03 PM, Andres Freund wrote:
The situation is this: We have broken code using broken code. I think we
either got to apply, darn nontrivial, fixes from
http://archives.postgresql.org/message-id/54DE6FAF.6050005%40vmware.com
or we got to cripple the options.
It's also not the
On 2015-06-24 17:20:31 -0400, Robert Haas wrote:
On Wed, Jun 24, 2015 at 3:49 PM, Andres Freund and...@anarazel.de wrote:
On 2015-06-24 15:41:22 -0400, Peter Eisentraut wrote:
On 6/24/15 3:13 PM, Andres Freund wrote:
Meh. The relevant branches already exist, as you can disable it today.
On 6/25/15 8:03 AM, Andres Freund wrote:
Right now if you use streaming rep over ssl, it breaks after a couple
hundred megabytes with obscure errors.
If it's that bad, then I tend to agree we should turn it off by default.
--
Sent via pgsql-hackers mailing list
On 06/25/2015 06:15 AM, Peter Eisentraut wrote:
On 6/25/15 8:03 AM, Andres Freund wrote:
Right now if you use streaming rep over ssl, it breaks after a couple
hundred megabytes with obscure errors.
If it's that bad, then I tend to agree we should turn it off by default.
From an in the
On Wed, Jun 24, 2015 at 3:49 PM, Andres Freund and...@anarazel.de wrote:
On 2015-06-24 15:41:22 -0400, Peter Eisentraut wrote:
On 6/24/15 3:13 PM, Andres Freund wrote:
Meh. The relevant branches already exist, as you can disable it today.
We could also just change the default in the back
On Wed, Jun 24, 2015 at 3:41 PM, Peter Eisentraut pete...@gmx.net wrote:
On 6/24/15 3:13 PM, Andres Freund wrote:
Meh. The relevant branches already exist, as you can disable it today.
We could also just change the default in the back branches.
One more argument for leaving everything alone.
Tom Lane wrote:
Alvaro Herrera alvhe...@2ndquadrant.com writes:
On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane t...@sss.pgh.pa.us wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time to consider back-patching the
Robert Haas robertmh...@gmail.com writes:
On Wed, Jun 24, 2015 at 3:49 PM, Andres Freund and...@anarazel.de wrote:
On 2015-06-24 15:41:22 -0400, Peter Eisentraut wrote:
One more argument for leaving everything alone. If users don't like it,
they can turn it off themselves.
Because it's so
On 2015-06-24 11:57:53 -0400, Peter Eisentraut wrote:
On 6/23/15 2:33 PM, Tom Lane wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time to consider back-patching the
renegotiation fixes we did in 9.4.
If Red Hat fixes
On 6/23/15 2:33 PM, Tom Lane wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time to consider back-patching the
renegotiation fixes we did in 9.4.
If Red Hat fixes their bug, then PostgreSQL doesn't have any actual
problem
Andres Freund and...@anarazel.de writes:
On 2015-06-24 11:57:53 -0400, Peter Eisentraut wrote:
If Red Hat fixes their bug, then PostgreSQL doesn't have any actual
problem anymore, does it?
It does, there are numerous bugs around renegotiation that exist with
upstream openssl and postgres.
On 6/24/15 3:13 PM, Andres Freund wrote:
Meh. The relevant branches already exist, as you can disable it today.
We could also just change the default in the back branches.
One more argument for leaving everything alone. If users don't like it,
they can turn it off themselves.
--
Sent via
On 2015-06-24 15:41:22 -0400, Peter Eisentraut wrote:
On 6/24/15 3:13 PM, Andres Freund wrote:
Meh. The relevant branches already exist, as you can disable it today.
We could also just change the default in the back branches.
One more argument for leaving everything alone. If users
On 6/24/15 12:26 PM, Tom Lane wrote:
Andres Freund and...@anarazel.de writes:
On 2015-06-24 11:57:53 -0400, Peter Eisentraut wrote:
If Red Hat fixes their bug, then PostgreSQL doesn't have any actual
problem anymore, does it?
It does, there are numerous bugs around renegotiation that exist
On June 24, 2015 9:07:35 PM GMT+02:00, Peter Eisentraut pete...@gmx.net wrote:
On 6/24/15 12:26 PM, Tom Lane wrote:
Andres Freund and...@anarazel.de writes:
On 2015-06-24 11:57:53 -0400, Peter Eisentraut wrote:
If Red Hat fixes their bug, then PostgreSQL doesn't have any actual
problem
Those of you who have been following
http://www.postgresql.org/message-id/flat/1d3bc192-970d-4b70-a5fe-38d2a9f76...@me.com
are aware that Red Hat shipped a rather broken version of openssl last
week. While waiting for them to fix it, I've been poking at the behavior,
and have found out that PG
On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane t...@sss.pgh.pa.us wrote:
Those of you who have been following
http://www.postgresql.org/message-id/flat/1d3bc192-970d-4b70-a5fe-38d2a9f76...@me.com
are aware that Red Hat shipped a rather broken version of openssl last
week. While waiting for them to
Robert Haas wrote:
On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane t...@sss.pgh.pa.us wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time to consider back-patching the
renegotiation fixes we did in 9.4. Specifically, I think
Robert Haas robertmh...@gmail.com writes:
On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane t...@sss.pgh.pa.us wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time to consider back-patching the
renegotiation fixes we did in 9.4.
Alvaro Herrera alvhe...@2ndquadrant.com writes:
On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane t...@sss.pgh.pa.us wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time to consider back-patching the
renegotiation fixes we did in
On Tue, Jun 23, 2015 at 3:48 PM, Tom Lane t...@sss.pgh.pa.us wrote:
Robert Haas robertmh...@gmail.com writes:
On Tue, Jun 23, 2015 at 2:33 PM, Tom Lane t...@sss.pgh.pa.us wrote:
I do not know at this point whether these behaviors are really the same
bug or not, but I wonder whether it's time
27 matches
Mail list logo