2 files changed, 13 insertions, 1 deletions

diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index d5da9b77a11..6d83b4722e2 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -10,7 +10,7 @@
  * Written by Peter Eisentraut <peter_e@gmx.net>.
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.164.2.7 2009/12/09 21:59:07 tgl Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.164.2.8 2010/02/25 23:45:28 tgl Exp $
  *
  *--------------------------------------------------------------------
  */
@@ -75,6 +75,7 @@ extern int	CheckPointTimeout;
 extern int	CommitDelay;
 extern int	CommitSiblings;
 extern char *preload_libraries_string;
+extern int	ssl_renegotiation_limit;
 
 #ifdef HAVE_SYSLOG
 extern char *Syslog_facility;
@@ -977,6 +978,15 @@ static struct config_int ConfigureNamesInt[] =
 	},
 
 	{
+		{"ssl_renegotiation_limit", PGC_USERSET, CONN_AUTH_SECURITY,
+			gettext_noop("Set the amount of traffic to send and receive before renegotiating the encryption keys."),
+			NULL
+		},
+		&ssl_renegotiation_limit,
+		512 * 1024, 0, INT_MAX / 1024, NULL, NULL
+	},
+
+	{
 		{"unix_socket_permissions", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
 			gettext_noop("Sets the access permissions of the Unix-domain socket."),
 			gettext_noop("Unix-domain sockets use the usual Unix file system "
diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample
index a211226093f..9cf6f0592a0 100644
--- a/src/backend/utils/misc/postgresql.conf.sample
+++ b/src/backend/utils/misc/postgresql.conf.sample
@@ -44,6 +44,8 @@
 
 #authentication_timeout = 60	# 1-600, in seconds
 #ssl = false
+#ssl_renegotiation_limit = 524288	# amount of data between renegotiations
+					# in kilobytes
 #password_encryption = true
 #krb_server_keyfile = ''
 #db_user_namespace = false