rdelaage
/
postgresql
mirror of https://git.postgresql.org/git/postgresql.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgresql/src/backend/libpq
History
Bruce Momjian 10c064ce4d Consistently mention 'SELECT pg_reload_conf()' in config files 
Previously we only mentioned SIGHUP and 'pg_ctl reload' in
postgresql.conf and pg_hba.conf.
 		2016-10-25 11:26:15 -04:00
..
Makefile Move code shared between libpq and backend from backend/libpq/ to common/. 2016-09-02 13:49:59 +03:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00
auth.c Revert "Replace PostmasterRandom() with a stronger way of generating randomness." 2016-10-18 16:28:23 +03:00
be-fsstubs.c Add macros to make AllocSetContextCreate() calls simpler and safer. 2016-08-27 17:50:38 -04:00
be-secure-openssl.c Extend framework from commit 53be0b1ad to report latch waits. 2016-10-04 11:01:42 -04:00
be-secure.c Extend framework from commit 53be0b1ad to report latch waits. 2016-10-04 11:01:42 -04:00
crypt.c Move code shared between libpq and backend from backend/libpq/ to common/. 2016-09-02 13:49:59 +03:00
hba.c Move code shared between libpq and backend from backend/libpq/ to common/. 2016-09-02 13:49:59 +03:00
ifaddr.c Move code shared between libpq and backend from backend/libpq/ to common/. 2016-09-02 13:49:59 +03:00
pg_hba.conf.sample Consistently mention 'SELECT pg_reload_conf()' in config files 2016-10-25 11:26:15 -04:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Remove "sco" and "unixware" ports. 2016-10-11 11:26:04 -04:00
pqformat.c Fix several mistakes around parallel workers and client_encoding. 2016-06-30 18:35:32 -04:00
pqmq.c Extend framework from commit 53be0b1ad to report latch waits. 2016-10-04 11:01:42 -04:00
pqsignal.c Update copyright for 2016 2016-01-02 13:33:40 -05:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------