Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)

From Andres Freund
Subject Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)
Date
Msg-id 20150624151542.GU4797@alap3.anarazel.de
In reply to Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
On 2015-06-24 11:11:16 -0400, Tom Lane wrote:
> On balance I think I agree that SSL renegotiation has not been worth the
> trouble.  And we definitely aren't testing it adequately, so if we wanted
> to keep it then there's even *more* work that somebody ought to expend.

Right. Our code was nearly entirely broken for streaming replication for
*years* without anybody noticing. And even now it doesn't reliably
work. It's also pretty hard to test due to the required data volumes and
the vast number of different behaviours across openssl versions.

> I assume we'd back-patch it, too?  (Probably not remove the
> ssl_renegotiation_limit variable, but always act as though it were
> zero.)

Yes, I think so. Maybe log a warning at startup if set to nonzero
(startup is probably the best we can do).

Greetings,

Andres Freund


