rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-09-08 03:19:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
8e33fc1784
postgresql/src/backend/libpq
History
Heikki Linnakangas 8e33fc1784 Call getsockopt() on the correct socket. 
We're interested in the buffer size of the socket that's connected to the
client, not the one that's listening for new connections. It happened to
work, as default buffer size is the same on both, but it was clearly not
wrong.

Spotted by Tom Lane
2015-07-06 16:36:48 +03:00
..
auth.c pgindent run for 9.5 2015-05-23 21:35:49 -04:00
be-fsstubs.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
be-secure-openssl.c pgindent run for 9.5 2015-05-23 21:35:49 -04:00
be-secure.c pgindent run for 9.5 2015-05-23 21:35:49 -04:00
crypt.c Don't allow immediate interrupts during authentication anymore. 2015-02-03 22:54:48 +01:00
hba.c Don't leave pg_hba and pg_ident data lying around in running backends. 2015-07-01 18:55:39 -04:00
ip.c Remove code to match IPv4 pg_hba.conf entries to IPv4-in-IPv6 addresses. 2015-02-17 12:49:18 -05:00
Makefile Support frontend-backend protocol communication using a shm_mq. 2014-10-31 12:02:40 -04:00
md5.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
pg_hba.conf.sample Remove support for native krb5 authentication 2014-01-19 17:05:01 +01:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Call getsockopt() on the correct socket. 2015-07-06 16:36:48 +03:00
pqformat.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
pqmq.c pgindent run for 9.5 2015-05-23 21:35:49 -04:00
pqsignal.c Update copyright for 2015 2015-01-06 11:43:47 -05:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------