Home > mailing lists

Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) - Mailing list pgsql-hackers

From	Andres Freund
Subject	Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)
Date	June 27, 2015 19:13:47
Msg-id	20150627161336.GH30708@awork2.anarazel.de Whole thread Raw
In response to	Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) (Noah Misch <noah@leadboat.com>)
List	pgsql-hackers

Tree view

On 2015-06-27 12:10:49 -0400, Tom Lane wrote:
> Andres Freund <andres@anarazel.de> writes:
> > On 2015-06-27 15:07:05 +0900, Michael Paquier wrote:
> >> +1 for removing on master and just disabling on back-branches.
> 
> > The problem with that approach is that it leaves people hanging in the
> > dry if they've uncommented the default value, or changed it. That
> > doesn't seem nice to me.
> 
> I think at least 99% of the people who are using a nondefault value of
> ssl_renegotiation_limit are using zero and so would have no problem with
> this at all.  Possibly 100% of them; there's not really much use-case for
> changing from 512MB to some other nonzero value, is there?

While still at 2ndq I've seen some increase it to nonzero values to cope
with the connection breaks.

Andres

pgsql-hackers by date:

From: Tom Lane
Date: 27 June 2015, 19:10:57
Subject: Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)

From: Tom Lane
Date: 27 June 2015, 19:32:59
Subject: pg_file_settings view vs. Windows

Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) - Mailing list pgsql-hackers

Previous

Next