Skip to main content

SSL Renegotiation patch

Hi all!

Albe Laurenz called my attention to a new patch applied to Postgresql servers which allows the administrator to set a value telling server when it will start SSL renegotiations. This parameter also allows you to disable the renegotiation.[1]

Today, I committed a patch which tries to disable SSL Renegotiation on supported postgresql servers, which means, servers which had this patch applied. According to Albe those server versions are: 9.0, 8.4.3, 8.3.10, 8.2.16, 8.1.20, 8.0.24, 7.4.28.

This patch simple calls:

SET ssl_renegotiation_limit=0

as suggested by Albe.

One positive side effect of this modification is that it serves as an workaround
to SSL renegotiation problem with Npgsql.
Today, Npgsql has problems with this, as can be seen on this bug report[2]. Although this patch isn't a solution, at least it makes Npgsql works on long SSL sessions.

If you want to try it out now, please grab latest code from cvs and let us know if you got any problems on our forums: http://forums.npgsql.org


[1] http://archives.postgresql.org/pgsql-committers/2010-02/msg00363.php

[2]http://lists.pgfoundry.org/pipermail/npgsql-devel/2010-February/001065.html
Labels:

Comments

Post a Comment

Popular posts from this blog

UUID datatype and COPY IN/OUT support added to cvs

Hi all! It was just added support to uuid datatype in cvs head. This type will be available in next Postgresql release 8.3. Thanks to David Bachmann for his patch! You can get more info about this patch in this mailing list post . Also was added support for copy in and copy out operations. Now, users can provide streams which can be copied directly to and from Postgresql tables! Thanks to Kalle Hallivuori for providing a patch! Thanks to Truviso for giving support to Kalle. More info about that including a demo and ready to use compiled Npgsql.dll versions can be found here . That's it! As soon as we get more features added, I will post info about them here. Stay tuned! :)
1 comment
Read more

Npgsql Tips: Using " in (...)" queries with parameters list and "any" operator

Hi, all! We have received some users questions about how to send a list of values to be used in queries using the "in" operator. Something like: select foo, bar from table where foo in (blah1, blah2, blah3); Npgsql supports array-like parameter values and the first idea to have this working would try to use it directly: NpgsqlCommand command = new NpgsqlCommand("select * from tablee where field_serial in (:parameterlist)", conn); ArrayList l = new ArrayList(); l.Add(5); l.Add(6); command.Parameters.Add(new NpgsqlParameter("parameterlist", NpgsqlDbType.Array | NpgsqlDbType.Integer)); command.Parameters[0].Value = l.ToArray(); NpgsqlDataReader dr = command.ExecuteReader(); but unfortunately this won't work as expected. Npgsql will send a query like this: select * from tablee where field_serial in ((array[5,6])::int4[]) And Postgresql will complain with the followin
45 comments
Read more

Stream seek error

Hi all! Since Npgsql RC1, we started to receive some error reports about problems when closing connections. The typical stack trace looked like this: System.NotSupportedException : This stream does not support seek operations. at System.Net.Sockets.NetworkStream.Seek(Int64 offset, SeekOrigin origin) at System.IO.BufferedStream.FlushRead() at System.IO.BufferedStream.WriteByte(Byte value) − at Npgsql.NpgsqlQuery.WriteToStream(Stream outputStream) in C:\Npgsql\Npgsql2\src\Npgsql\NpgsqlQuery.cs:line 62 − at Npgsql.NpgsqlReadyState.QueryEnum(NpgsqlConnector context, NpgsqlCommand command) in C:\Npgsql\Npgsql2\src\Npgsql\NpgsqlReadyState.cs:line 64 − at Npgsql.NpgsqlConnector.ReleasePlansPortals() in C:\Npgsql\Npgsql2\src\Npgsql\NpgsqlConnector.cs:line 373 − at Npgsql.NpgsqlConnectorPool.UngetPooledConnector(NpgsqlConnection Connection, NpgsqlConnector Connector) in C:\Npgsql\Npgsql2\src\Npgsql\NpgsqlConnectorPool.cs:line 541 − at Npgsql.NpgsqlConnectorPool.ReleasePooledConnector(NpgsqlConn
2 comments
Read more