diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml
index bbe1eb0d19a68afbb3500b08c9f0d8d36b698c8e..e900dccb11cfab2f656cc266b7b5e8616a36cbc3 100644
--- a/doc/src/sgml/config.sgml
+++ b/doc/src/sgml/config.sgml
@@ -1034,35 +1034,6 @@ include_dir 'conf.d'
</listitem>
</varlistentry>
- <varlistentry id="guc-ssl-renegotiation-limit" xreflabel="ssl_renegotiation_limit">
- <term><varname>ssl_renegotiation_limit</varname> (<type>integer</type>)
- <indexterm>
- <primary><varname>ssl_renegotiation_limit</> configuration parameter</primary>
- </indexterm>
- </term>
- <listitem>
- <para>
- Specifies how much data can flow over an <acronym>SSL</>-encrypted
- connection before renegotiation of the session keys will take
- place. Renegotiation decreases an attacker's chances of doing
- cryptanalysis when large amounts of traffic can be examined, but it
- also carries a large performance penalty. The sum of sent and received
- traffic is used to check the limit. If this parameter is set to 0,
- renegotiation is disabled. The default is <literal>512MB</>.
- </para>
- <note>
- <para>
- SSL libraries from before November 2009 are insecure when using SSL
- renegotiation, due to a vulnerability in the SSL protocol. As a
- stop-gap fix for this vulnerability, some vendors shipped SSL
- libraries incapable of doing renegotiation. If any such libraries
- are in use on the client or server, SSL renegotiation should be
- disabled.
- </para>
- </note>
- </listitem>
- </varlistentry>
-
<varlistentry id="guc-ssl-ciphers" xreflabel="ssl_ciphers">
<term><varname>ssl_ciphers</varname> (<type>string</type>)
<indexterm>
diff --git a/src/backend/libpq/be-secure-openssl.c b/src/backend/libpq/be-secure-openssl.c
index f0774fe8c9529813b979636d4d72c37168ed9388..e9bc282d2e7207ef29f55c28c5ffb8167e4a30dc 100644
--- a/src/backend/libpq/be-secure-openssl.c
+++ b/src/backend/libpq/be-secure-openssl.c
@@ -16,12 +16,8 @@
* backend can restart automatically, it is important that
* we select an algorithm that continues to provide confidentiality
* even if the attacker has the server's private key. Ephemeral
- * DH (EDH) keys provide this, and in fact provide Perfect Forward
- * Secrecy (PFS) except for situations where the session can
- * be hijacked during a periodic handshake/renegotiation.
- * Even that backdoor can be closed if client certificates
- * are used (since the imposter will be unable to successfully
- * complete renegotiation).
+ * DH (EDH) keys provide this and more (Perfect Forward Secrecy
+ * aka PFS).
*
* N.B., the static private key should still be protected to
* the largest extent possible, to minimize the risk of
@@ -37,12 +33,6 @@
* session. In this case you'll need to temporarily disable
* EDH by commenting out the callback.
*
- * ...
- *
- * Because the risk of cryptanalysis increases as large
- * amounts of data are sent with the same session key, the
- * session keys are periodically renegotiated.
- *
*-------------------------------------------------------------------------
*/
@@ -92,9 +82,6 @@ static const char *SSLerrmessage(void);
static char *X509_NAME_to_cstring(X509_NAME *name);
-/* are we in the middle of a renegotiation? */
-static bool in_ssl_renegotiation = false;
-
static SSL_CTX *SSL_context = NULL;
/* ------------------------------------------------------------ */
@@ -570,37 +557,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
ssize_t n;
int err;
- /*
- * If SSL renegotiations are enabled and we're getting close to the limit,
- * start one now; but avoid it if there's one already in progress.
- * Request the renegotiation 1kB before the limit has actually expired.
- */
- if (ssl_renegotiation_limit && !in_ssl_renegotiation &&
- port->count > (ssl_renegotiation_limit - 1) * 1024L)
- {
- in_ssl_renegotiation = true;
-
- /*
- * The way we determine that a renegotiation has completed is by
- * observing OpenSSL's internal renegotiation counter. Make sure we
- * start out at zero, and assume that the renegotiation is complete
- * when the counter advances.
- *
- * OpenSSL provides SSL_renegotiation_pending(), but this doesn't seem
- * to work in testing.
- */
- SSL_clear_num_renegotiations(port->ssl);
-
- /* without this, renegotiation fails when a client cert is used */
- SSL_set_session_id_context(port->ssl, (void *) &SSL_context,
- sizeof(SSL_context));
-
- if (SSL_renegotiate(port->ssl) <= 0)
- ereport(COMMERROR,
- (errcode(ERRCODE_PROTOCOL_VIOLATION),
- errmsg("SSL failure during renegotiation start")));
- }
-
errno = 0;
n = SSL_write(port->ssl, ptr, len);
err = SSL_get_error(port->ssl, n);
@@ -646,28 +602,6 @@ be_tls_write(Port *port, void *ptr, size_t len, int *waitfor)
break;
}
- if (n >= 0)
- {
- /* is renegotiation complete? */
- if (in_ssl_renegotiation &&
- SSL_num_renegotiations(port->ssl) >= 1)
- {
- in_ssl_renegotiation = false;
- port->count = 0;
- }
-
- /*
- * if renegotiation is still ongoing, and we've gone beyond the limit,
- * kill the connection now -- continuing to use it can be considered a
- * security problem.
- */
- if (in_ssl_renegotiation &&
- port->count > ssl_renegotiation_limit * 1024L)
- ereport(FATAL,
- (errcode(ERRCODE_PROTOCOL_VIOLATION),
- errmsg("SSL failed to renegotiate connection before limit expired")));
- }
-
return n;
}
diff --git a/src/backend/libpq/be-secure.c b/src/backend/libpq/be-secure.c
index 4a650cc001254105d2a70c5737c8d07c332d84f8..26d8faaf773a818b388b899b8d83d617bdf7af9b 100644
--- a/src/backend/libpq/be-secure.c
+++ b/src/backend/libpq/be-secure.c
@@ -43,13 +43,6 @@ char *ssl_key_file;
char *ssl_ca_file;
char *ssl_crl_file;
-/*
- * How much data can be sent across a secure connection
- * (total in both directions) before we require renegotiation.
- * Set to 0 to disable renegotiation completely.
- */
-int ssl_renegotiation_limit;
-
#ifdef USE_SSL
bool ssl_loaded_verify_locations = false;
#endif
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 1bed5250a6cc541dd4369f2b3c66ce6ab9ff0148..1b7b914624ebd18b0fe1ab03800cb4d48aca7d73 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -2577,17 +2577,6 @@ static struct config_int ConfigureNamesInt[] =
NULL, assign_tcp_keepalives_interval, show_tcp_keepalives_interval
},
- {
- {"ssl_renegotiation_limit", PGC_USERSET, CONN_AUTH_SECURITY,
- gettext_noop("Set the amount of traffic to send and receive before renegotiating the encryption keys."),
- NULL,
- GUC_UNIT_KB,
- },
- &ssl_renegotiation_limit,
- 512 * 1024, 0, MAX_KILOBYTES,
- NULL, NULL, NULL
- },
-
{
{"tcp_keepalives_count", PGC_USERSET, CLIENT_CONN_OTHER,
gettext_noop("Maximum number of TCP keepalive retransmits."),
diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample
index 06dfc067b03b3fc6529372064f03d663d45cccf5..e5d275df2155ad65d43199fca82b8eb26e94371a 100644
--- a/src/backend/utils/misc/postgresql.conf.sample
+++ b/src/backend/utils/misc/postgresql.conf.sample
@@ -83,7 +83,6 @@
# (change requires restart)
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
-#ssl_renegotiation_limit = 512MB # amount of data between renegotiations
#ssl_cert_file = 'server.crt' # (change requires restart)
#ssl_key_file = 'server.key' # (change requires restart)
#ssl_ca_file = '' # (change requires restart)
diff --git a/src/include/libpq/libpq-be.h b/src/include/libpq/libpq-be.h
index 6171ef3a1ffca53ba807ae679228dafd2591e826..caaa8b5f890f9bb6664c6ed11b19356e80c23471 100644
--- a/src/include/libpq/libpq-be.h
+++ b/src/include/libpq/libpq-be.h
@@ -92,11 +92,6 @@ typedef struct
} pg_gssinfo;
#endif
-/*
- * SSL renegotiations
- */
-extern int ssl_renegotiation_limit;
-
/*
* This is used by the postmaster in its communication with frontends. It
* contains all state information needed during this communication before the