Participants
Andrus
Andrus
Bruce Momjian
Bruce Momjian
Tom Lane
Tom Lane
Dave Page
Dave Page
Attachments
Show all attachments
Thread Outline
#1AndrusAndrus
Oct 02, 2010
#2Tom LaneTom Laneto Andrus (#1)
Oct 02, 2010
#3...#7
AndrusBruce MomjianDave Page
to Andrus (#1)
Oct 02, 2010
#3AndrusAndrusto Andrus (#1)
Oct 02, 2010
#4Bruce MomjianBruce Momjianto Andrus (#3)
Oct 20, 2010
#5AndrusAndrusto Bruce Momjian (#4)
Oct 21, 2010
#6Bruce MomjianBruce Momjianto Andrus (#5)
Oct 21, 2010
#7Dave PageDave Pageto Bruce Momjian (#6)
Oct 21, 2010

9.0 SSL renegotiation failure restoring data

Started by Andrusover 15 years ago7 messagesgeneral
Jump to latest
#1Andrus
Andrus
kobruleht2@hot.ee

Steps to reproduce:

1. Ran latest pgAdmin in windows server 2005 Standard x64 Edition
2. Restore data to Postgres 9.0 linux server from 450 MB backup file if
only
SSL connection is enabled

After some time pg_restore reports that connection is closed.
server log is below.
How to restore 450 MB backup copy to Postgres 9.0 Linux server from
windows
server using SSL ?

Andrus.

LOG:  duration: 2643663.100 ms  statement: COPY artpilt (id,
toode, pilt,
pildityyp, esipil
t) FROM stdin;
LOG:  SSL renegotiation failure
LOG:  SSL failed to send renegotiation request
LOG:  SSL renegotiation failure
LOG:  SSL error: unsafe legacy renegotiation disabled
LOG:  could not send data to client: Connection reset by peer
LOG:  SSL error: unsafe legacy renegotiation disabled
LOG:  could not receive data from client: Connection reset by
peer
LOG:  unexpected EOF on client connection
 

#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Andrus (#1)
Re: 9.0 SSL renegotiation failure restoring data

Andrus Moor <kobruleht2@hot.ee> writes:

How to restore 450 MB backup copy to Postgres 9.0 Linux server from
windows server using SSL ?

Either (1) get a non-lobotomized SSL library, or (2) set
ssl_renegotiation_limit to zero in the server.

regards, tom lane

#3Andrus
Andrus
kobruleht2@hot.ee
In reply to: Andrus (#1)
Re: 9.0 SSL renegotiation failure restoring data

Either (1) get a non-lobotomized SSL library

I'm using latest official Postgres 9.0 server and pgAdmin client.
Does one of them contain bug in SSL ?
Andrus.

Import Notes
Reply to msg id not found: 20101002203042.4EBF113FCA2@mh1.hot.ee10632.1286052198@sss.pgh.pa.us
#4Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: Andrus (#3)
Re: 9.0 SSL renegotiation failure restoring data

Andrus Moor wrote:

Either (1) get a non-lobotomized SSL library

I'm using latest official Postgres 9.0 server and pgAdmin client.
Does one of them contain bug in SSL??

Uh, we don't ship SSL in the server. We ship code that _uses_ ssl, so I
would look at your operating system to see what version of SSL you have,
and perhaps update that.

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ It's impossible for everything to be true. +

#5Andrus
Andrus
kobruleht2@hot.ee
In reply to: Bruce Momjian (#4)
Re: 9.0 SSL renegotiation failure restoring data

Uh, we don't ship SSL in the server.
We ship code that _uses_ ssl, so I
would look at your operating system to see what version of SSL you have,
and perhaps update that.

I installed postgres 9.0 RC in Windows from official link and looked into
bin:

Directory of C:\Program Files\PostgreSQL\9.0\bin

15.11.2009 16:37 200_704 ssleay32.dll
15.11.2009 16:37 1_017_344 libeay32.dll

How to update them so that they match with linux server ?

Andrus.

#6Bruce Momjian
Bruce Momjian
bruce@momjian.us
In reply to: Andrus (#5)
Re: 9.0 SSL renegotiation failure restoring data

Andrus wrote:

Uh, we don't ship SSL in the server.
We ship code that _uses_ ssl, so I
would look at your operating system to see what version of SSL you have,
and perhaps update that.

I installed postgres 9.0 RC in Windows from official link and looked into
bin:

Directory of C:\Program Files\PostgreSQL\9.0\bin

15.11.2009 16:37 200_704 ssleay32.dll
15.11.2009 16:37 1_017_344 libeay32.dll

How to update them so that they match with linux server ?

Oh, interesting. So we install SSL with our Win32 install, and I assume
that is a new/correct version of ssl.

Dave, this person says they are getting disconnected regularly and we
thought it was ssl renegotiation, but not I am unclear what is causing
the disconnection.

--
Bruce Momjian <bruce@momjian.us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ It's impossible for everything to be true. +

#7Dave Page
Dave Page
dpage@pgadmin.org
In reply to: Bruce Momjian (#6)
Re: 9.0 SSL renegotiation failure restoring data

On Thu, Oct 21, 2010 at 2:40 PM, Bruce Momjian <bruce@momjian.us> wrote:

Andrus wrote:

Uh, we don't ship SSL in the server.
We ship code that _uses_ ssl, so I
would look at your operating system to see what version of SSL you have,
and perhaps update that.

I installed postgres 9.0 RC in Windows from official link and looked into
bin:

 Directory of C:\Program Files\PostgreSQL\9.0\bin

15.11.2009  16:37           200_704 ssleay32.dll
15.11.2009  16:37         1_017_344 libeay32.dll

How to update them so that they match with linux server ?

Oh, interesting.  So we install SSL with our Win32 install, and I assume
that is a new/correct version of ssl.

Dave, this person says they are getting disconnected regularly and we
thought it was ssl renegotiation, but not I am unclear what is causing
the disconnection.

It's possible - it depends on what version of OpenSSL was available at
the time we started testing 9.0.

Dharmendra, can you please check and upgrade the build servers if necessary?

--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake

EnterpriseDB UK: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

← Back to Topics