rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-10-08 10:26:51 +02:00
Code Issues Packages Projects Releases Wiki Activity
1812ee5767
postgresql/src/backend/libpq
History
Heikki Linnakangas e453cc2741 Make Port->ssl_in_use available, even when built with !USE_SSL 
Code that check the flag no longer need #ifdef's, which is more convenient.
In particular, makes it easier to write extensions that depend on it.

In the passing, modify sslinfo's ssl_is_used function to check ssl_in_use
instead of the OpenSSL specific 'ssl' pointer. It doesn't make any
difference currently, as sslinfo is only compiled when built with OpenSSL,
but seems cleaner anyway.
2014-11-25 09:46:11 +02:00
..
auth.c Message improvements 2014-11-11 20:02:30 -05:00
be-fsstubs.c Rename lo_create(oid, bytea) to lo_from_bytea(). 2014-06-12 15:39:09 -04:00
be-secure-openssl.c Message improvements 2014-10-12 01:06:35 -04:00
be-secure.c Break out OpenSSL-specific code to separate files. 2014-08-11 11:54:19 +03:00
crypt.c Log a detail message for auth failures due to missing or expired password. 2014-01-27 21:04:09 -05:00
hba.c Make Port->ssl_in_use available, even when built with !USE_SSL 2014-11-25 09:46:11 +02:00
ip.c check socket creation errors against PGINVALID_SOCKET 2014-04-16 10:45:48 -04:00
Makefile Support frontend-backend protocol communication using a shm_mq. 2014-10-31 12:02:40 -04:00
md5.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pg_hba.conf.sample Remove support for native krb5 authentication 2014-01-19 17:05:01 +01:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Fix thinko in commit 2bd9e412f9. 2014-11-05 17:12:23 -05:00
pqformat.c pgindent run for 9.4 2014-05-06 12:12:18 -04:00
pqmq.c Support frontend-backend protocol communication using a shm_mq. 2014-10-31 12:02:40 -04:00
pqsignal.c Update copyright for 2014 2014-01-07 16:05:30 -05:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------