Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?)
| От | Tom Lane |
|---|---|
| Тема | Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) |
| Дата | |
| Msg-id | 14860.1435353161@sss.pgh.pa.us обсуждение исходный текст |
| Ответ на | Re: Removing SSL renegotiation (Was: Should we back-patch SSL renegotiation fixes?) (Andres Freund <andres@anarazel.de>) |
| Ответы |
Re: Removing SSL renegotiation (Was: Should we back-patch
SSL renegotiation fixes?)
|
| Список | pgsql-hackers |
Andres Freund <andres@anarazel.de> writes:
> On 2015-06-24 16:41:48 +0200, Andres Freund wrote:
>> I, by now, have come to a different conclusion. I think it's time to
>> entirely drop the renegotiation support.
> I think by now we essentially concluded that we should do that. What I'm
> not sure yet is how: Do we want to rip it out in master and just change
> the default in the backbranches, or do we want to rip it out in all
> branches and leave a faux guc in place in the back branches. I vote for
> the latter, but would be ok with both variants.
I think the former is probably the saner answer. It is less likely to
annoy people who dislike back-branch changes. And it will be
significantly less work, considering that that code has changed enough
that you won't be able to just cherry-pick a removal patch. I also fear
there's a nonzero chance of breaking stuff if you're careless about doing
the removal in one or more of the five active back branches ...
regards, tom lane
В списке pgsql-hackers по дате отправления: