On 2015-06-26 09:53:30 -0400, Robert Haas wrote: > On Thu, Jun 25, 2015 at 8:03 AM, Andres Freund <and...@anarazel.de> wrote: > >> I don't accept the argument that there are not ways to tell users > >> about things they might want to do. > > > > We probably could do that. But why would we want to? It's just as much > > work, and puts the onus on more people? > > Because it doesn't force a behavior change down everyone's throat.
Generally I'd agree that that is a bad thing. But there's really not much of a observable behaviour change in this case? Except that connections using ssl break less often. > If it were just a question of back-porting fixes, even someone > invasive ones, well, maybe that's what we have to do; that's pretty > much exactly what we are planning to do for the MultiXact case There's no way we can reasonably "disable" multixacts, so I don't think these situations are comparable. > but according to Heikki, this is broken even in master and can't really be > fixed unless and until OpenSSL gets their act together. Yes, that's my conclusion as well, leading to my position in this thread. > That's a hard argument to argue with, and I think I'm on board with > it. Given that reported bugs for openssl around this have existed since about 2002 without any effort at fixing, I think it's seriously unlikely that they ever will. Greetings, Andres Freund -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
