upstream/postgresql
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2026-04-15 22:10:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
postgresql/src/backend/libpq
History
Heikki Linnakangas e8f9fe4ae7 Fix typos in comments. 
Backpatch to all supported versions, where applicable, to make backpatching
of future fixes go more smoothly.

Josh Soref

Discussion: https://www.postgresql.org/message-id/CACZqfqCf+5qRztLPgmmosr-B0Ye4srWzzw_mo4c_8_B_mtjmJQ@mail.gmail.com
2017-02-06 11:34:28 +02:00
..
auth.c Include <sys/select.h> where needed 2016-09-27 01:05:21 -03:00
be-fsstubs.c Update copyrights for 2013 2013-01-01 17:15:01 -05:00
be-secure.c Distrust external OpenSSL clients; clear err queue 2016-05-07 00:10:17 -04:00
crypt.c Update copyrights for 2013 2013-01-01 17:15:01 -05:00
hba.c Fix typos in comments. 2017-02-06 11:34:28 +02:00
ip.c Remove code to match IPv4 pg_hba.conf entries to IPv4-in-IPv6 addresses. 2015-02-17 12:49:18 -05:00
Makefile Remove cvs keywords from all files. 2010-09-20 22:08:53 +02:00
md5.c Remove tabs after spaces in C comments 2014-05-06 11:26:28 -04:00
pg_hba.conf.sample initdb: Add options --auth-local and --auth-host 2012-02-01 21:18:55 +02:00
pg_ident.conf.sample Reformat the comments in pg_hba.conf and pg_ident.conf 2010-01-26 06:58:39 +00:00
pqcomm.c Fix incorrect order of lock file removal and failure to close() sockets. 2015-08-02 14:54:44 -04:00
pqformat.c Remove tabs after spaces in C comments 2014-05-06 11:26:28 -04:00
pqsignal.c Move pqsignal() to libpgport. 2013-03-17 12:06:42 -04:00
README.SSL Remove useless whitespace at end of lines 2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------