rdelaage/postgresql
1
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2024-09-11 18:57:47 +02:00
Code Issues Packages Projects Releases Wiki Activity
a180776f7a
postgresql/src/backend/libpq
History
Peter Eisentraut f4a9da0a15 Use clearer notation for getnameinfo() return handling 
Writing

    if (getnameinfo(...))
        handle_error();

reads quite strangely, so use something like

    if (getnameinfo(...) != 0)
        handle_error();

instead.
2011-08-09 18:30:32 +03:00
..
auth.c Add host name resolution information to pg_hba.conf error messages 2011-07-31 18:03:43 +03:00
be-fsstubs.c Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
be-secure.c Use OpenSSL's SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER flag. 2011-07-24 15:17:51 -04:00
crypt.c Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
hba.c Use clearer notation for getnameinfo() return handling 2011-08-09 18:30:32 +03:00
ip.c On HP/UX, the structs used by ioctl(SIOCGLIFCONF) are named differently 2011-04-13 22:25:27 +03:00
Makefile Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
md5.c Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
pg_hba.conf.sample Don't include local line on platforms without support 2011-05-30 20:21:06 +02:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c pgindent run before PG 9.1 beta 1. 2011-04-10 11:42:00 -04:00
pqformat.c Stamp copyrights for year 2011. 2011-01-01 13:18:15 -05:00
pqsignal.c Use "backend process" rather than "backend server", where appropriate. 2011-03-12 09:38:56 -05:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------