mirror of
https://git.postgresql.org/git/postgresql.git
synced 2024-09-06 18:49:27 +02:00
36298373c7
This used to make some sense under the old implementation, but now an open LO is pretty darn cheap, so why restrict it? |
||
---|---|---|
.. | ||
auth.c | ||
be-fsstubs.c | ||
crypt.c | ||
hba.c | ||
Makefile | ||
password.c | ||
pg_hba.conf.sample | ||
pg_ident.conf.sample | ||
pqcomm.c | ||
pqformat.c | ||
pqpacket.c | ||
pqsignal.c | ||
README.SSL | ||
util.c |
>From the servers perspective: Receives StartupPacket | | (Is SSL_NEGOTIATE_CODE?) ----------- Normal startup | No | | Yes | | (Server compiled with USE_SSL?) ------- Send 'N' | No | | | | Yes Normal startup | | Send 'S' | | Establish SSL | | Normal startup >From the clients perspective (v6.6 client _with_ SSL): Connect | | Send packet with SSL_NEGOTIATE_CODE | | Receive single char ------- 'S' -------- Establish SSL | | | '<else>' | | Normal startup | | Is it 'E' for error ------------------- Retry connection | Yes without SSL | No | Is it 'N' for normal ------------------- Normal startup | Yes | Fail with unknown