projects / 2ndquadrant_bdr.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 450bf0b) | patch
Disable ssl renegotiation by default.
authorAndres Freund <andres@anarazel.de>
Tue, 28 Jul 2015 19:39:40 +0000 (21:39 +0200)
committerAndres Freund <andres@anarazel.de>
Tue, 28 Jul 2015 20:06:31 +0000 (22:06 +0200)
commitab60847822463613629e11e0675952320319197a
treea50582413f9d4b0bf68a2b1592dd309c56e7f611tree
parent450bf0ba530101822e6d5ecdd3d9c13fe01ebce5commit | diff
Disable ssl renegotiation by default.

While postgres' use of SSL renegotiation is a good idea in theory, it
turned out to not work well in practice. The specification and openssl's
implementation of it have lead to several security issues. Postgres' use
of renegotiation also had its share of bugs.

Additionally OpenSSL has a bunch of bugs around renegotiation, reported
and open for years, that regularly lead to connections breaking with
obscure error messages. We tried increasingly complex workarounds to get
around these bugs, but we didn't find anything complete.

Since these connection breakages often lead to hard to debug problems,
e.g. spuriously failing base backups and significant latency spikes when
synchronous replication is used, we have decided to change the default
setting for ssl renegotiation to 0 (disabled) in the released
backbranches and remove it entirely in 9.5 and master..

Author: Michael Paquier, with changes by me
Discussion: 20150624144148.GQ4797@alap3.anarazel.de
Backpatch: 9.0-9.4; 9.5 and master get a different patch
doc/src/sgml/config.sgml diff | blob | blame | history
src/backend/utils/misc/guc.c diff | blob | blame | history
src/backend/utils/misc/postgresql.conf.sample diff | blob | blame | history
Obsolete repo for Bi-directional replication for PostgreSQL. See https://github.com/2ndQuadrant/bdr/