Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?

Поиск
Список
Период
Сортировка
От Shay Rojansky
Тема Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?
Дата
Msg-id CADT4RqALmtuZ2FfY06NnUDzi9RmUbuogDyd99oGH2GVzTtj-nw@mail.gmail.com
обсуждение исходный текст
Ответ на Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?  (Shay Rojansky <roji@roji.org>)
Ответы Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?  (Shay Rojansky <roji@roji.org>)
Список pgsql-hackers
Дерево обсуждения
One more note: https://github.com/netty/netty/pull/5321/files is an equivalent PR setting the session ID context to a constant value in netty (which is also a server using OpenSSL). This is in line with the documentation on SSL_CTX_set_session_id_context (https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_session_id_context(3)):

> Sessions are generated within a certain context. When exporting/importing sessions with i2d_SSL_SESSION/d2i_SSL_SESSION it would be possible, to re-import a session generated from another context (e.g. another application), which might lead to malfunctions. Therefore each application must set its own session id context sid_ctx which is used to distinguish the contexts and is stored in exported sessions. The sid_ctx can be any kind of binary data with a given length, it is therefore possible to use e.g. the name of the application and/or the hostname and/or service name ...



В списке pgsql-hackers по дате отправления:

Предыдущее
От: Shay Rojansky
Дата:
Сообщение: Re: [HACKERS] PostgreSQL not setting OpenSSL session id context?
Следующее
От: Ashutosh Bapat
Дата:
Сообщение: Re: [HACKERS] Macros bundling RELKIND_* conditions