rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/backend/libpq
History
Magnus Hagander 6c4637a3b3 Disallow empty passwords in LDAP authentication, the same way 
we already do it for PAM.
 		2009-06-25 11:30:08 +00:00
..
Makefile Refactor backend makefiles to remove lots of duplicate code 2008-02-19 10:30:09 +00:00
README.SSL Remove large parts of the old SSL readme, that consisted of a couple 2008-10-24 11:48:29 +00:00
auth.c Disallow empty passwords in LDAP authentication, the same way 2009-06-25 11:30:08 +00:00
be-fsstubs.c 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
be-secure.c 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
crypt.c Update copyright for 2009. 2009-01-01 17:24:05 +00:00
hba.c parse_ident_usermap() shuold use ereport(LOG) and not ERROR, and put the 2009-06-24 13:39:42 +00:00
ip.c Remove our inadequate kluge that tried to get AIX's various broken versions 2009-06-11 19:00:15 +00:00
md5.c Update copyright for 2009. 2009-01-01 17:24:05 +00:00
pg_hba.conf.sample Remove last references to the crypt auth method, per Andreas Scherbaum. 2009-04-01 03:23:50 +00:00
pg_ident.conf.sample Improve comments in pg_ident.conf.sample. 2009-05-16 20:43:46 +00:00
pqcomm.c Update copyright for 2009. 2009-01-01 17:24:05 +00:00
pqformat.c 8.4 pgindent run, with new combined Linux/FreeBSD/MinGW typedef list 2009-06-11 14:49:15 +00:00
pqsignal.c Update copyright for 2009. 2009-01-01 17:24:05 +00:00

README.SSL 

$PostgreSQL: pgsql/src/backend/libpq/README.SSL,v 1.7 2008/10/24 11:48:29 mha Exp $

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup
     




>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------