rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-09-08 03:19:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
9b7cd59af1
postgresql/src/backend/libpq
History
Heikki Linnakangas 9b7cd59af1 Remove support for OpenSSL versions older than 0.9.8. 
OpenSSL officially only supports 1.0.1 and newer. Some OS distributions
still provide patches for 0.9.8, but anything older than that is not
interesting anymore. Let's simplify things by removing compatibility code.

Andreas Karlsson, with small changes by me.
2016-08-29 20:16:02 +03:00
..
auth.c Refactor sendAuthRequest. 2016-08-18 13:25:31 +03:00
be-fsstubs.c Add macros to make AllocSetContextCreate() calls simpler and safer. 2016-08-27 17:50:38 -04:00
be-secure-openssl.c Remove support for OpenSSL versions older than 0.9.8. 2016-08-29 20:16:02 +03:00
be-secure.c pgindent run for 9.6 2016-06-09 18:02:36 -04:00
crypt.c Remove vestigial CHECK_FOR_INTERRUPTS call. 2016-01-07 11:26:54 -05:00
hba.c Add macros to make AllocSetContextCreate() calls simpler and safer. 2016-08-27 17:50:38 -04:00
ip.c Update copyright for 2016 2016-01-02 13:33:40 -05:00
Makefile Support frontend-backend protocol communication using a shm_mq. 2014-10-31 12:02:40 -04:00
md5.c Update copyright for 2016 2016-01-02 13:33:40 -05:00
pg_hba.conf.sample Remove support for native krb5 authentication 2014-01-19 17:05:01 +01:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Remove duplicate function prototype. 2016-08-23 13:44:18 -04:00
pqformat.c Fix several mistakes around parallel workers and client_encoding. 2016-06-30 18:35:32 -04:00
pqmq.c Add a nonlocalized version of the severity field to client error messages. 2016-08-26 16:20:17 -04:00
pqsignal.c Update copyright for 2016 2016-01-02 13:33:40 -05:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------