| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)2ndquadrant(dot)com> |
| Cc: | Andres Freund <andres(at)2ndquadrant(dot)com>, Robert Haas <robertmhaas(at)gmail(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, Pg Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: SSL renegotiation |
| Date: | 2013-11-15 14:33:17 |
| Message-ID: | 20131115143317.GZ17272@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers pgsql-hackers |
Alvaro,
* Alvaro Herrera (alvherre(at)2ndquadrant(dot)com) wrote:
> 1. Don't backpatch the ERROR bit at all, so that if the renegotiation
> fails we would silently continue just as currently
I'm leaning towards the above at this point.
> I was reminded of this once more because I just saw a spurious
> renegotiation failure in somebody's production setup. Kind of like a
> recurring nightmare which I thought I had already erradicated.
I saw one yesterday. :(
> Opinions? Also, should we wait longer for the new renegotiation code to
> be more battle-tested?
I've got a better environment to test this in now and given that I saw
it just yesterday, I'm very interested in addressing it. I grow tired
of seeing these renegotiation errors.
Thanks!
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2013-11-15 15:43:23 | Re: SSL renegotiation |
| Previous Message | Kevin Grittner | 2013-11-15 14:29:07 | pgsql: Fix buffer overrun in isolation test program. |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2013-11-15 14:33:55 | Re: Logging WAL when updating hintbit |
| Previous Message | Kevin Grittner | 2013-11-15 14:32:48 | Re: strncpy is not a safe version of strcpy |