Skip to main content

SSL Renegotiation patch

Hi all!

Albe Laurenz called my attention to a new patch applied to Postgresql servers which allows the administrator to set a value telling server when it will start SSL renegotiations. This parameter also allows you to disable the renegotiation.[1]

Today, I committed a patch which tries to disable SSL Renegotiation on supported postgresql servers, which means, servers which had this patch applied. According to Albe those server versions are: 9.0, 8.4.3, 8.3.10, 8.2.16, 8.1.20, 8.0.24, 7.4.28.

This patch simple calls:

SET ssl_renegotiation_limit=0

as suggested by Albe.

One positive side effect of this modification is that it serves as an workaround
to SSL renegotiation problem with Npgsql.
Today, Npgsql has problems with this, as can be seen on this bug report[2]. Although this patch isn't a solution, at least it makes Npgsql works on long SSL sessions.

If you want to try it out now, please grab latest code from cvs and let us know if you got any problems on our forums: http://forums.npgsql.org


[1] http://archives.postgresql.org/pgsql-committers/2010-02/msg00363.php

[2]http://lists.pgfoundry.org/pipermail/npgsql-devel/2010-February/001065.html
Labels:

Comments

Post a Comment

Popular posts from this blog

Npgsql Tips: Using " in (...)" queries with parameters list and "any" operator

Hi, all! We have received some users questions about how to send a list of values to be used in queries using the "in" operator. Something like: select foo, bar from table where foo in (blah1, blah2, blah3); Npgsql supports array-like parameter values and the first idea to have this working would try to use it directly: NpgsqlCommand command = new NpgsqlCommand("select * from tablee where field_serial in (:parameterlist)", conn); ArrayList l = new ArrayList(); l.Add(5); l.Add(6); command.Parameters.Add(new NpgsqlParameter("parameterlist", NpgsqlDbType.Array | NpgsqlDbType.Integer)); command.Parameters[0].Value = l.ToArray(); NpgsqlDataReader dr = command.ExecuteReader(); but unfortunately this won't work as expected. Npgsql will send a query like this: select * from tablee where field_serial in ((array[5,6])::int4[]) And Postgresql will complain with the followin...
45 comments
Read more

Fixed! LOG: unexpected EOF on client connection

Hi all! Since we implemented connection pool in Npgsql, we received some complaints about EOF log messages being generated on Postgresql logs when using Npgsql. This was caused by Npgsql not sending the proper terminate message to Postgresql on pooled connections when the application terminated or more specifically when the assembly was unloaded. This is a long time problem with Npgsql connection pool. I even talked about it in the past . Up to now, I had no idea about how to fix that as I wasn't able to close the connections in the pool. When I tried to put a finalizer in NpgsqlConnectorPool, which would be triggered when the assembly was unloaded, I received object already disposed exceptions when trying to send something to the stream. That's when I came up with the "excellent" idea of subclassing the networkstream class and override its Dispose method so that I could send the postgresql terminate message before it was disposed! :) It worked like a charm! ...
5 comments
Read more

Npgsql 2.2.0 final release is out!

This is Npgsql 2.2.0 Final Release This release contains 249 commits since the last stable release. Includes bug fixes, improvements and new features. Update notice: If you have been using Npgsql 2.2.0-rc2, you don't need to update to this version. They are the same except for the Assembly version information. Major highlights Visual Studio DDEX support   Kenji Uno added support for DDEX. Now you can use Npgsql with Visual Studio data designer. This is a missing feature a lot of our users requested in the past. Kenji added a tutorial about how to use Npgsql with DDEX. You can find it here: https://github.com/npgsql/Npgsql/wiki/Visual-Studio-Design-Time-Support---DDEX-Provider#install-npgsqlddexprovidervsix   Entity Framework   David Karlaš added support for EFMigration and Database creation in EF6+. Now it is possible to start Code First projects without needing to create a database upfront. EntityFramework and Npgsql will take care of it. E...
15 comments
Read more