Tom Lane wrote:
Chris Campbell <chris_campbell@mac.com> writes:
certainly not have exposed any new API that would help us tell this :-(
If said patches were done properly they'd have also turned an
application-level renegotiation request into a no-op, instead of
breaking apps by making it fail --- but apparently they were not done
properly.
Chris Campbell <chris_campbell@mac.com> writes:
Is there a way to detect when the SSL library has renegotiation disabled?
Probably not. The current set of emergency security patches wouldcertainly not have exposed any new API that would help us tell this :-(
If said patches were done properly they'd have also turned an
application-level renegotiation request into a no-op, instead of
breaking apps by making it fail --- but apparently they were not done
properly.
--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com
PG East: http://www.enterprisedb.com/community/nav-pg-east-2010.do
+ If your life is a hard drive, Christ can be your backup. +
