The existing renegotiation code was home for several bugs: it might erroneously report that renegotiation had failed; it might try to execute another renegotiation while the previous one was pending; it failed to terminate the connection if the renegotiation never actually took place; if a renegotiation was started, the byte count was reset, even if the renegotiation wasn't completed (this isn't good from a security perspective because it means continuing to use a session that should be considered compromised due to volume of data transferred.)
The new code is structured to avoid these pitfalls: renegotiation is started a little earlier than the limit has expired; the handshake sequence is retried until it has actually returned successfully, and no more than that, but if it fails too many times, the connection is closed. The byte count is reset only when the renegotiation has succeeded, and if the renegotiation byte count limit expires, the connection is terminated.
This commit only touches the master branch, because some of the changes are controversial. If everything goes well, a back-patch might be considered.
Per discussion started by message 20130710212017.GB4941@eldon.alvh.no-ip.org
31cf1a1 Rework SSL renegotiation code
src/backend/libpq/be-secure.c | 82 ++++++++++++++++++++++++++++++++---------
src/backend/utils/misc/guc.c | 1 -
src/include/libpq/libpq-be.h | 5 +++
3 files changed, 70 insertions(+), 18 deletions(-)