database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-10-19 15:49:24 +03:00
Code Activity
Files
30547d7913098502cdc93c06f77c3629af51b24c
postgres/doc/src/sgml
History
Tom Lane 30547d7913 libpq: reject extraneous data after SSL or GSS encryption handshake. 
libpq collects up to a bufferload of data whenever it reads data from
the socket.  When SSL or GSS encryption is requested during startup,
any additional data received with the server's yes-or-no reply
remained in the buffer, and would be treated as already-decrypted data
once the encryption handshake completed.  Thus, a man-in-the-middle
with the ability to inject data into the TCP connection could stuff
some cleartext data into the start of a supposedly encryption-protected
database session.

This could probably be abused to inject faked responses to the
client's first few queries, although other details of libpq's behavior
make that harder than it sounds.  A different line of attack is to
exfiltrate the client's password, or other sensitive data that might
be sent early in the session.  That has been shown to be possible with
a server vulnerable to CVE-2021-23214.

To fix, throw a protocol-violation error if the internal buffer
is not empty after the encryption handshake.

Our thanks to Jacob Champion for reporting this problem.

Security: CVE-2021-23222
2021-11-08 11:14:56 -05:00
..
images
keywords
ref
Clarify that --system reindexes system catalogs *only*
2021-10-27 16:28:22 +02:00
.gitignore
acronyms.sgml
doc: Add acronyms for MITM and SNI
2021-06-25 11:29:03 +09:00
adminpack.sgml
Doc: update remaining tables of functions/operators for new layout.
2020-05-07 14:25:25 -04:00
advanced.sgml
doc: adjust "cities" example to be consistent with other SQL
2021-07-02 20:42:46 -04:00
amcheck.sgml
docs: fix inconsistencies in markup and case
2021-07-15 23:22:59 +02:00
appendix-obsolete-default-roles.sgml
doc: Fix quoting markup
2021-07-05 08:26:30 +02:00
appendix-obsolete-pgreceivexlog.sgml
Add a docs section for obsoleted and renamed functions and settings
2021-03-31 16:23:25 -04:00
appendix-obsolete-pgresetxlog.sgml
Add a docs section for obsoleted and renamed functions and settings
2021-03-31 16:23:25 -04:00
appendix-obsolete-pgxlogdump.sgml
Add a docs section for obsoleted and renamed functions and settings
2021-03-31 16:23:25 -04:00
appendix-obsolete-recovery-config.sgml
Add a docs section for obsoleted and renamed functions and settings
2021-03-31 16:23:25 -04:00
appendix-obsolete.sgml
Rename Default Roles to Predefined Roles
2021-04-01 15:32:06 -04:00
arch-dev.sgml
Align some terms in arch-dev.sgml to glossary
2021-04-05 11:46:13 -04:00
array.sgml
Doc: correct nitpicky mistakes in array_position/array_positions examples.
2020-06-25 13:28:30 -04:00
auth-delay.sgml
auto-explain.sgml
Fix some grammar and typos in comments and docs
2020-11-02 15:14:41 +09:00
backup-manifest.sgml
doc: Spell checking
2020-07-05 15:37:57 +02:00
backup.sgml
doc: add example of using pg_dump with GNU split and gzip
2021-08-03 10:57:32 -04:00
bgworker.sgml
Send NOTIFY signals during CommitTransaction.
2021-09-14 17:18:25 -04:00
biblio.sgml
Fix title in reference section
2020-09-10 14:15:26 +02:00
bki.sgml
doc: Spell checking
2021-07-16 12:39:23 +02:00
bloom.sgml
doc: make blooms docs match reality
2020-10-26 19:17:05 -04:00
brin.sgml
docs: fix inconsistencies in markup and case
2021-07-15 23:22:59 +02:00
btree-gin.sgml
Mark some contrib modules as "trusted".
2020-02-13 15:02:35 -05:00
btree-gist.sgml
Mark some contrib modules as "trusted".
2020-02-13 15:02:35 -05:00
btree.sgml
doc: Fix some typos and markups
2021-09-29 11:56:36 +09:00
catalogs.sgml
doc: Fix some typos and markups
2021-09-29 11:56:36 +09:00
charset.sgml
doc: remove URL for ICU explorer/locexp
2021-10-04 17:10:59 -04:00
citext.sgml
Add deduplication to nbtree.
2020-02-26 13:05:30 -08:00
client-auth.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
color.sgml
Document color support
2020-03-29 11:15:11 +02:00
config.sgml
Reject huge_pages=on if shared_memory_type=sysv.
2021-10-26 13:09:00 +13:00
contrib-spi.sgml
contrib.sgml
Retire pg_standby.
2021-01-29 14:09:41 +13:00
cube.sgml
Remove deprecated containment operators for contrib types.
2021-03-05 10:45:41 -05:00
custom-scan.sgml
doc: Clean up title case use
2019-09-08 10:27:29 +02:00
datatype.sgml
Fix typos in docs
2021-09-26 19:18:23 +09:00
datetime.sgml
Doc: fix discussion of how to get real Julian Dates.
2021-04-28 10:03:28 -04:00
dblink.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
ddl.sgml
doc: mention inheritance's tableoid can be used in partitioning
2021-08-03 11:11:51 -04:00
dfunc.sgml
doc: Refresh more URLs in the docs
2020-07-18 22:43:35 +09:00
dict-int.sgml
Add an "absval" parameter to allow contrib/dict_int to ignore signs.
2020-03-08 18:35:06 -04:00
dict-xsyn.sgml
diskusage.sgml
dml.sgml
doc: Improve wording
2021-04-07 13:52:26 +02:00
docguide.sgml
Remove configure-time probe for DocBook DTD.
2020-11-30 15:24:13 -05:00
earthdistance.sgml
Make contrib modules' installation scripts more secure.
2020-08-10 10:44:42 -04:00
ecpg.sgml
Fix range check in ECPG numeric to int conversion
2021-07-30 16:28:43 -04:00
errcodes.sgml
Doc: remove now-redundant align specifications in colspecs.
2020-05-06 15:58:23 -04:00
event-trigger.sgml
Doc: further fooling-about with rendering of tables in PDF output.
2020-05-06 12:23:54 -04:00
extend.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
external-projects.sgml
Update link for pllua
2020-10-19 13:48:00 +02:00
fdwhandler.sgml
Doc: Tweak function prototype indentation for consistency.
2021-08-25 13:00:01 +09:00
features.sgml
doc: Clean up title case use
2020-06-07 13:18:36 +02:00
file-fdw.sgml
Add csvlog output for the new query_id value
2021-04-07 22:30:30 -04:00
filelist.sgml
Doc: Hash Indexes.
2021-07-05 09:38:17 +05:30
func.sgml
docs: Fix bit_count example output
2021-07-29 21:39:40 +02:00
fuzzystrmatch.sgml
Mark some contrib modules as "trusted".
2020-02-13 15:02:35 -05:00
generate-errcodes-table.pl
Update copyright for 2021
2021-01-02 13:06:25 -05:00
generate-keywords-table.pl
Update copyright for 2021
2021-01-02 13:06:25 -05:00
generic-wal.sgml
geqo.sgml
doc: Refresh more URLs in the docs
2020-07-18 22:43:35 +09:00
gin.sgml
doc: Remove more notes about compatibilities with past versions
2020-12-01 16:32:26 +09:00
gist.sgml
Doc: fix minor issues in GiST support function documentation.
2021-10-04 13:34:31 -04:00
glossary.sgml
doc: Make terminology in glossary consistent
2021-06-05 09:01:29 +02:00
hash.sgml
Doc: Hash Indexes.
2021-07-05 09:38:17 +05:30
high-availability.sgml
Consistently use read-only instead of "read only"
2021-09-07 22:04:45 +02:00
history.sgml
doc: Use proper em and en dashes
2019-10-25 20:39:41 +02:00
hstore.sgml
doc: Clarify use of ACCESS EXCLUSIVE lock in various sections
2021-04-01 15:28:37 +09:00
indexam.sgml
doc: Spell checking
2021-07-16 12:39:23 +02:00
indices.sgml
Support INCLUDE'd columns in SP-GiST.
2021-04-05 18:41:21 -04:00
info.sgml
information_schema.sgml
Routine usage information schema tables
2021-02-17 18:16:06 +01:00
install-binaries.sgml
Expand installation documentation to cover binary installations
2020-10-06 14:15:32 +02:00
install-windows.sgml
Doc: improve libpq service-file docs, avoid overspecifying pathnames.
2021-05-29 14:27:37 -04:00
installation.sgml
add missing tag from commit b8c4261e5e
2021-07-01 15:47:47 -04:00
intagg.sgml
intarray.sgml
Doc: fix bogus intarray index example.
2021-06-03 21:07:20 -04:00
intro.sgml
doc: Refresh more URLs in the docs
2020-07-18 22:43:35 +09:00
isn.sgml
Misc documentation fixes.
2020-10-19 19:28:54 +03:00
jit.sgml
Doc: tweak examples to silence line-too-long PDF build warnings.
2020-05-14 18:13:08 -04:00
json.sgml
doc: Spell checking
2021-07-16 12:39:23 +02:00
keywords.sgml
Allow most keywords to be used as column labels without requiring AS.
2020-09-18 16:46:36 -04:00
legal.sgml
Update copyright for 2021
2021-01-02 13:06:25 -05:00
libpq.sgml
Pipeline mode disallows multicommand strings
2021-11-05 11:40:03 -03:00
limits.sgml
doc: Clean up title case use
2019-09-08 10:27:29 +02:00
lo.sgml
Mark some contrib modules as "trusted".
2020-02-13 15:02:35 -05:00
lobj.sgml
Doc: fix typos.
2021-09-19 11:36:53 -04:00
logical-replication.sgml
Fix some trailing whitespace in documentation files
2021-04-22 22:47:57 +02:00
logicaldecoding.sgml
doc: Spell checking
2021-07-16 12:39:23 +02:00
ltree.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
maintenance.sgml
Revert analyze support for partitioned tables
2021-08-16 17:27:52 -04:00
Makefile
manage-ag.sgml
docs: improve description of how to handle multiple databases
2020-08-21 20:23:09 -04:00
mk_feature_tables.pl
Initial pgindent and pgperltidy run for v13.
2020-05-14 13:06:50 -04:00
monitoring.sgml
Revert "Remove unused wait events."
2021-10-26 08:19:33 +05:30
mvcc.sgml
Consistently use read-only instead of "read only"
2021-09-07 22:04:45 +02:00
nls.sgml
doc: improve NLS instruction wording
2021-01-05 14:26:37 -05:00
notation.sgml
oid2name.sgml
Doc: fix some description of environment variables with frontend tools
2020-03-09 10:53:22 +09:00
oldsnapshot.sgml
Add new 'old_snapshot' contrib module.
2020-09-24 13:55:47 -04:00
pageinspect.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
parallel.sgml
doc: Replace some uses of "which" by "that" in parallel.sgml
2021-09-02 11:35:56 +09:00
passwordcheck.sgml
doc: Update cracklib URL
2020-08-28 08:19:12 +02:00
perform.sgml
Revert analyze support for partitioned tables
2021-08-16 17:27:52 -04:00
pgbuffercache.sgml
Doc: improve libpq service-file docs, avoid overspecifying pathnames.
2021-05-29 14:27:37 -04:00
pgcrypto.sgml
Add alternative output for OpenSSL 3 without legacy loaded
2021-09-25 11:27:28 +02:00
pgfreespacemap.sgml
docs: Remove notes about incompatibilies with very old versions.
2020-10-26 09:07:14 +02:00
pgprewarm.sgml
pgrowlocks.sgml
doc: Clarify use of ACCESS EXCLUSIVE lock in various sections
2021-04-01 15:28:37 +09:00
pgstatstatements.sgml
doc: Spell checking
2021-07-16 12:39:23 +02:00
pgstattuple.sgml
pgsurgery.sgml
New contrib module, pg_surgery, with heap surgery functions.
2020-09-10 11:14:07 -04:00
pgtrgm.sgml
Remove mention of the version number from pg_trgm docs
2021-05-04 03:59:21 +03:00
pgvisibility.sgml
planstats.sgml
Doc: tweak examples to silence line-too-long PDF build warnings.
2020-05-14 18:13:08 -04:00
plhandler.sgml
Add PL/Sample to src/test/modules/
2020-08-18 11:10:50 +09:00
plperl.sgml
dummy commit
2020-12-23 09:33:20 -05:00
plpgsql.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
plpython.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
pltcl.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
postgres-fdw.sgml
Doc: extend warnings about collation-mismatch hazards in postgres_fdw.
2021-09-25 10:53:54 -04:00
postgres.sgml
Doc: Hash Indexes.
2021-07-05 09:38:17 +05:30
problems.sgml
protocol.sgml
libpq: reject extraneous data after SSL or GSS encryption handshake.
2021-11-08 11:14:56 -05:00
queries.sgml
Doc: improve description of UNION/INTERSECT/EXCEPT syntax.
2021-10-05 10:24:14 -04:00
query.sgml
doc: Prefer explicit JOIN syntax over old implicit syntax in tutorial
2021-04-08 10:51:26 +02:00
rangetypes.sgml
Revert 29854ee8d1 due to buildfarm failures
2021-06-15 21:44:40 +03:00
README.links
doc: mention <link> can be inside of <command>, but not <xref>
2021-04-22 16:01:17 -04:00
reference.sgml
Add pg_amcheck, a CLI for contrib/amcheck.
2021-03-12 13:00:01 -05:00
regress.sgml
doc: Fix command example to run regression tests with PGOPTIONS
2021-07-26 16:27:01 +09:00
release-14.sgml
Release notes for 14.1, 13.5, 12.9, 11.14, 10.19, 9.6.24.
2021-11-07 14:21:50 -05:00
release.sgml
Stamp HEAD as 14devel.
2020-06-07 17:16:30 -04:00
replication-origins.sgml
doc: add commas after 'i.e.' and 'e.g.'
2020-08-31 18:33:37 -04:00
rowtypes.sgml
rules.sgml
Fix wording
2021-08-06 20:56:18 +02:00
runtime.sgml
Doc: Remove extraneous whitespaces with some tags
2021-04-24 10:44:13 +09:00
seg.sgml
Remove deprecated containment operators for contrib types.
2021-03-05 10:45:41 -05:00
sepgsql.sgml
doc: Fix link to SELinux user guide in sepgsql page
2021-10-28 09:26:13 +09:00
sourcerepo.sgml
doc: Clean up title case use
2019-09-08 10:27:29 +02:00
sources.sgml
Avoid using ambiguous word "non-negative" in error messages.
2021-07-28 01:21:35 +09:00
spgist.sgml
doc: Fix some typos and markups
2021-09-29 11:56:36 +09:00
spi.sgml
Fix checking of query type in plpgsql's RETURN QUERY command.
2021-10-03 13:21:20 -04:00
sslinfo.sgml
Introduce --with-ssl={openssl} as a configure option
2021-02-01 19:19:44 +09:00
standalone-install.xml
Doc: tweak installation doc edits made by commit 76c2af926.
2019-09-06 11:24:42 -04:00
standalone-profile.xsl
Fix generation of ./INSTALL for the distribution tarball
2021-05-10 14:34:07 +09:00
start.sgml
Doc: update example connection-failure messages in the documentation.
2021-01-23 15:50:51 -05:00
storage.sgml
Rethink definition of pg_attribute.attcompression.
2021-05-27 13:24:27 -04:00
stylesheet-common.xsl
Doc: re-re-revise markup for tables of functions.
2020-04-30 00:34:12 -04:00
stylesheet-fo.xsl
Doc: reformat catalog/view description tables.
2020-05-13 23:03:39 -04:00
stylesheet-hh.xsl
stylesheet-html-common.xsl
Recreate website's formatting for "website" doc builds.
2020-02-14 18:38:35 -08:00
stylesheet-html-nochunk.xsl
stylesheet-man.xsl
stylesheet-speedup-common.xsl
stylesheet-speedup-xhtml.xsl
stylesheet-text.xsl
stylesheet.css
Doc: reformat catalog/view description tables.
2020-05-13 23:03:39 -04:00
stylesheet.xsl
Fix docs build for website styles
2021-02-22 13:04:10 +01:00
syntax.sgml
Remove operator_precedence_warning.
2020-12-08 16:29:52 -05:00
tableam.sgml
doc: add commas after 'i.e.' and 'e.g.'
2020-08-31 18:33:37 -04:00
tablefunc.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
tablesample-method.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
tcn.sgml
Mark some contrib modules as "trusted".
2020-02-13 15:02:35 -05:00
test-decoding.sgml
doc: Fix some typos and markups
2021-09-29 11:56:36 +09:00
textsearch.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
trigger.sgml
Doc: clarify how triggers relate to transactions.
2021-09-01 17:24:59 -04:00
tsm-system-rows.sgml
Improve <xref> vs. <command> formatting in the documentation
2020-10-03 16:40:02 +02:00
tsm-system-time.sgml
Improve <xref> vs. <command> formatting in the documentation
2020-10-03 16:40:02 +02:00
typeconv.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
unaccent.sgml
Mark some contrib modules as "trusted".
2020-02-13 15:02:35 -05:00
user-manag.sgml
docs: Add command tags for SQL commands
2021-08-27 18:25:34 -04:00
uuid-ossp.sgml
docs: ulink all references to RFC's
2020-12-01 14:36:30 +02:00
vacuumlo.sgml
doc: remove xreflabels from commits 75fcdd2ae2 and 85af628da5
2020-06-11 18:19:25 -04:00
wal.sgml
doc: Spell checking
2021-07-16 12:39:23 +02:00
xaggr.sgml
Declare assorted array functions using anycompatible not anyelement.
2020-11-04 16:09:55 -05:00
xfunc.sgml
Use the correct article for abbreviations
2021-06-11 13:38:04 +12:00
xindex.sgml
Doc: fix minor issues in GiST support function documentation.
2021-10-04 13:34:31 -04:00
xml2.sgml
doc: add commas after 'i.e.' and 'e.g.'
2020-08-31 18:33:37 -04:00
xoper.sgml
Remove support for postfix (right-unary) operators.
2020-09-17 19:38:05 -04:00
xplang.sgml
Improve <xref> vs. <command> formatting in the documentation
2020-10-03 16:40:02 +02:00
xtypes.sgml
doc: Clean up title case use
2019-09-08 10:27:29 +02:00

README.links 

<!-- doc/src/sgml/README.links -->

Linking within DocBook documents can be confusing, so here is a summary:


Intra-document Linking
----------------------

<xref>
	use to get chapter/section number from the title of the target
	link, or xreflabel if defined at the target, or refentrytitle if target
        is a refentry;  has no close tag
	http://www.oasis-open.org/docbook/documentation/reference/html/xref.html

linkend=
	controls the target of the link/xref, required

endterm=
	for <xref>, allows the text of the link/xref to be taken from a
	different link target title

<link>
	use to supply text for the link, only uses linkend, requires </link>
	http://www.oasis-open.org/docbook/documentation/reference/html/link.html
	can be embedded inside of <command>, unlike <xref>


External Linking
----------------

<ulink>
	like <link>, but uses a URL (not a document target);  requires
	</ulink>; if no text is specified, the URL appears as the link
	text
	http://www.oasis-open.org/docbook/documentation/reference/html/ulink.html

url=
	used by <ulink> to specify the URL, required


Guidelines
----------

- For an internal link, if you want to supply text, use <link>, else
  <xref>.

- Specific nouns like GUC variables, SQL commands, and contrib modules
  usually have xreflabels.

- For an external link, use <ulink>, with or without link text.

- xreflabels added to tags prevent the chapter/section for id's from being
  referenced;  only the xreflabel is accessible.  Therefore, use xreflabels
  only when linking is common, and chapter/section information is unneeded.