Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?
Дата
Msg-id 4727.1501444787@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?  (Shay Rojansky <roji@roji.org>)
Список pgsql-hackers
Дерево обсуждения 
I wrote:
> I think what you need to do is tell SslStream not to expect that PG
> servers will do session resumption.  (I'm a bit astonished that that
> would be its default assumption in the first place, but whatever.)

Actually, after a bit of further googling, it seems that the brain
damage here may be on the server side.  It seems that OpenSSL will
send a session ticket if requested, even though the surrounding
application has given it no means to identify the session (!?).
Apparently we need to pass SSL_OP_NO_TICKET to SSL_CTX_set_options
to prevent that from happening.
        regards, tom lane

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Tom Lane
Дата:
Сообщение: Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?
Следующее
От: Tom Lane
Дата:
Сообщение: Re: [HACKERS] PL_stashcache, or, what's our minimum Perl version?