Re: OpenSSL key renegotiation with patched openssl
| От | Tom Lane |
|---|---|
| Тема | Re: OpenSSL key renegotiation with patched openssl |
| Дата | |
| Msg-id | 20759.1259359111@sss.pgh.pa.us обсуждение |
| Ответ на | Re: OpenSSL key renegotiation with patched openssl (Stefan Kaltenbrunner <stefan@kaltenbrunner.cc>) |
| Ответы |
Re: OpenSSL key renegotiation with patched openssl
Re: OpenSSL key renegotiation with patched openssl |
| Список | pgsql-hackers |
Stefan Kaltenbrunner <stefan@kaltenbrunner.cc> writes: > Tom Lane wrote: >> The discussion I saw suggested that you need such a patch at both ends. > and likely requires a restart of both postgresql and slony afterwards... Actually, after looking through the available info about this: https://svn.resiprocate.org/rep/ietf-drafts/ekr/draft-rescorla-tls-renegotiate.txt I think my comment above is wrong. It is useful to patch the *server*-side library to reject a renegotiation request. Applying that patch on the client side, however, is useless and simply breaks things. regards, tom lane
В списке pgsql-hackers по дате отправления: