<!--
-$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.301.4.9 2007/04/20 02:38:33 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.301.4.10 2010/02/25 23:45:04 tgl Exp $
-->
<chapter id="runtime">
</listitem>
</varlistentry>
+ <varlistentry id="guc-ssl-renegotiation-limit" xreflabel="ssl_renegotiation_limit">
+ <term><varname>ssl_renegotiation_limit</varname> (<type>int</type>)</term>
+ <indexterm>
+ <primary><varname>ssl_renegotiation_limit</> configuration parameter</primary>
+ </indexterm>
+ <listitem>
+ <para>
+ Specifies how much data can flow over an <acronym>SSL</> encrypted connection
+ before renegotiation of the session will take place. Renegotiation of the
+ session decreases the chance of doing cryptanalysis when large amounts of data
+ are sent, but it also carries a large performance penalty. The sum of
+ sent and received traffic is used to check the limit. If the parameter is
+ set to 0, renegotiation is disabled. The default is <literal>512MB</>.
+ </para>
+ <note>
+ <para>
+ SSL libraries from before November 2009 are insecure when using SSL
+ renegotiation, due to a vulnerability in the SSL protocol. As a stop-gap fix
+ for this vulnerability, some vendors also shipped SSL libraries incapable
+ of doing renegotiation. If any of these libraries are in use on the client
+ or server, SSL renegotiation should be disabled.
+ </para>
+ </note>
+ </listitem>
+ </varlistentry>
+
<varlistentry id="guc-password-encryption" xreflabel="password_encryption">
<term><varname>password_encryption</varname> (<type>boolean</type>)</term>
<indexterm>
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.56.4.5 2009/12/09 06:37:13 mha Exp $
+ * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.56.4.6 2010/02/25 23:45:04 tgl Exp $
*
* Since the server static private key ($DataDir/server.key)
* will normally be stored unencrypted so that the database
static const char *SSLerrmessage(void);
#endif
-#ifdef USE_SSL
/*
* How much data can be sent across a secure connection
* (total in both directions) before we require renegotiation.
+ * Set to 0 to disable renegotiation completely.
*/
-#define RENEGOTIATION_LIMIT (512 * 1024 * 1024)
+int ssl_renegotiation_limit;
+#ifdef USE_SSL
static SSL_CTX *SSL_context = NULL;
#endif
{
int err;
- if (port->count > RENEGOTIATION_LIMIT)
+ if (ssl_renegotiation_limit && port->count > ssl_renegotiation_limit * 1024L)
{
SSL_set_session_id_context(port->ssl, (void *) &SSL_context,
sizeof(SSL_context));
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.252.4.8 2010/01/24 21:50:09 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.252.4.9 2010/02/25 23:45:04 tgl Exp $
*
*--------------------------------------------------------------------
*/
extern int CommitSiblings;
extern int DebugSharedBuffers;
extern char *default_tablespace;
+extern int ssl_renegotiation_limit;
static const char *assign_log_destination(const char *value,
bool doit, GucSource source);
DEF_PGPORT, 1, 65535, NULL, NULL
},
+ {
+ {"ssl_renegotiation_limit", PGC_USERSET, CONN_AUTH_SECURITY,
+ gettext_noop("Set the amount of traffic to send and receive before renegotiating the encryption keys."),
+ NULL
+ },
+ &ssl_renegotiation_limit,
+ 512 * 1024, 0, INT_MAX / 1024, NULL, NULL
+ },
+
{
{"unix_socket_permissions", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Sets the access permissions of the Unix-domain socket."),
#authentication_timeout = 60 # 1-600, in seconds
#ssl = false
+#ssl_renegotiation_limit = 524288 # amount of data between renegotiations
+ # in kilobytes
#password_encryption = true
#krb_server_keyfile = ''
#db_user_namespace = false
projects / users / c2main / postgres.git / commitdiff