rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/backend/libpq
History
Peter Eisentraut f426fbf746 Ident authentication over Unix-domain sockets on Solaris, using 
getpeerucred() function.

Author: Garick Hamlin <ghamlin@isc.upenn.edu>
 		2008-11-18 13:10:20 +00:00
..
Makefile Refactor backend makefiles to remove lots of duplicate code 2008-02-19 10:30:09 +00:00
README.SSL Remove large parts of the old SSL readme, that consisted of a couple 2008-10-24 11:48:29 +00:00
auth.c Ident authentication over Unix-domain sockets on Solaris, using 2008-11-18 13:10:20 +00:00
be-fsstubs.c Simplify and standardize conversions between TEXT datums and ordinary C 2008-03-25 22:42:46 +00:00
be-secure.c Remove a "TODO-list" structure at the top of the file, referring back 2008-10-24 12:24:35 +00:00
crypt.c Remove support for (insecure) crypt authentication. 2008-10-28 12:10:44 +00:00
hba.c Remove support for (insecure) crypt authentication. 2008-10-28 12:10:44 +00:00
ip.c Update copyrights in source tree to 2008. 2008-01-01 19:46:01 +00:00
md5.c Update copyrights in source tree to 2008. 2008-01-01 19:46:01 +00:00
pg_hba.conf.sample * make pg_hba authoption be a set of 0 or more name=value pairs 2008-10-23 13:31:10 +00:00
pg_ident.conf.sample * make pg_hba authoption be a set of 0 or more name=value pairs 2008-10-23 13:31:10 +00:00
pqcomm.c Update copyrights in source tree to 2008. 2008-01-01 19:46:01 +00:00
pqformat.c Update copyrights in source tree to 2008. 2008-01-01 19:46:01 +00:00
pqsignal.c Update copyrights in source tree to 2008. 2008-01-01 19:46:01 +00:00

README.SSL 

$PostgreSQL: pgsql/src/backend/libpq/README.SSL,v 1.7 2008/10/24 11:48:29 mha Exp $

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup
     




>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------