Tom Lane wrote: > Chris Campbell <chris_campb...@mac.com> writes: > > Is there a way to detect when the SSL library has renegotiation disabled? > > Probably not. The current set of emergency security patches would > certainly not have exposed any new API that would help us tell this :-( > > If said patches were done properly they'd have also turned an > application-level renegotiation request into a no-op, instead of > breaking apps by making it fail --- but apparently they were not done > properly.
Yea, and also keep in mind any SSL library checks need to be done at run-time (because I believe openssl is usually linked as a shared object), which even further limits our options. -- Bruce Momjian <br...@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + If your life is a hard drive, Christ can be your backup. + -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
