Postgres Pro
Downloads
Home   >   mailing lists

Re: sslcompression / PGSSLCOMPRESSION not behaving as documented? - Mailing list pgsql-general

From Adrian Klaver
Subject Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?
Date
Msg-id 54B93F52.2020405@aklaver.com
Whole thread Raw
In response to Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?  (Magnus Hagander <magnus@hagander.net>)
Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?  (Martijn van Oosterhout <kleptog@svana.org>)
Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?  (Martijn van Oosterhout <kleptog@svana.org>)
List pgsql-general
Tree view 
On 01/16/2015 08:30 AM, Tom Lane wrote:
> Maciek Sakrejda <maciek@heroku.com> writes:
>> I'm having a hard time getting SSL compression working (or even figuring
>> out why it's not working) with my local Postgres server. The setting [1] is
>> documented to default to on, but according to the banner when I connect
>> with psql, it's off.
>
> Possibly you have the same type of problem mentioned here:
>
> http://www.postgresql.org/message-id/CABUevEytxEQtbMeuKpJ8tYjeeB37mzDQ7BASzEZN6EgcGrdZxA@mail.gmail.com

Yes that would seem to be the issue:

https://launchpad.net/ubuntu/trusty/+source/openssl/+changelog

openssl (1.0.1e-3ubuntu1)

Disable compression to avoid CRIME systemwide (CVE-2012-4929).


>
> although Ubuntu may well have done it a bit differently than Red Hat,
> ie the way to override openssl's default behavior might be different.
>
>             regards, tom lane
>
>


--
Adrian Klaver
adrian.klaver@aklaver.com

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?
Next
From: Magnus Hagander
Date:
Subject: Re: sslcompression / PGSSLCOMPRESSION not behaving as documented?