database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-09 06:21:09 +03:00
Code Activity
Files
931b6db39b808608a3c80c42b47e3cbcda9e66db
postgres/src/backend/libpq
History
Robert Haas 20709f8136 Add a client authentication hook. 
KaiGai Kohei, with minor cleanup of the comments by me.
2010-10-26 21:20:38 -04:00
..
auth.c
Add a client authentication hook.
2010-10-26 21:20:38 -04:00
be-fsstubs.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
be-secure.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
crypt.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
hba.c
Support suffix matching of host names in pg_hba.conf
2010-10-24 15:54:00 +03:00
ip.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
Makefile
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
md5.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
pg_hba.conf.sample
Support suffix matching of host names in pg_hba.conf
2010-10-24 15:54:00 +03:00
pg_ident.conf.sample
Reformat the comments in pg_hba.conf and pg_ident.conf
2010-01-26 06:58:39 +00:00
pqcomm.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
pqformat.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
pqsignal.c
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00
README.SSL
Remove cvs keywords from all files.
2010-09-20 22:08:53 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup
     




>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------
View Git Blame Copy Permalink