database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-11-21 00:42:43 +03:00
Code Activity
Files
e01157500f26342bf4f067a4eb1e45ab9a3cd410
postgres/src/backend/libpq
History
Magnus Hagander 6a61d1ff9d Properly close token in sspi authentication 
We can never leak more than one token, but we shouldn't do that. We
don't bother closing it in the error paths since the process will
exit shortly anyway.

Christian Ullrich
2016-01-14 13:06:03 +01:00
..
auth.c
Properly close token in sspi authentication
2016-01-14 13:06:03 +01:00
be-fsstubs.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
be-secure-openssl.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
be-secure.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
crypt.c
Remove vestigial CHECK_FOR_INTERRUPTS call.
2016-01-07 11:26:54 -05:00
hba.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
ip.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
Makefile
Support frontend-backend protocol communication using a shm_mq.
2014-10-31 12:02:40 -04:00
md5.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
pg_hba.conf.sample
Remove support for native krb5 authentication
2014-01-19 17:05:01 +01:00
pg_ident.conf.sample
Reformat the comments in pg_hba.conf and pg_ident.conf
2010-01-26 06:58:39 +00:00
pqcomm.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
pqformat.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
pqmq.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
pqsignal.c
Update copyright for 2016
2016-01-02 13:33:40 -05:00
README.SSL
Remove useless whitespace at end of lines
2010-11-23 22:34:55 +02:00

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------
View Git Blame Copy Permalink