1berry/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
postgres/src/backend/libpq
History
Tom Lane ae20b23a9e Refactor permissions checks for large objects. 
Up to now, ACL checks for large objects happened at the level of
the SQL-callable functions, which led to CVE-2017-7548 because of a
missing check.  Push them down to be enforced in inv_api.c as much
as possible, in hopes of preventing future bugs.  This does have the
effect of moving read and write permission errors to happen at lo_open
time not loread or lowrite time, but that seems acceptable.

Michael Paquier and Tom Lane

Discussion: https://postgr.es/m/CAB7nPqRHmNOYbETnc_2EjsuzSM00Z+BWKv9sy6tnvSd5gWT_JA@mail.gmail.com
2017-11-09 12:56:07 -05:00
..
auth-scram.c
Tweak some SCRAM error messages and code comments
2017-08-23 12:29:38 -04:00
auth.c
Fix typo
2017-10-19 13:57:20 +02:00
be-fsstubs.c
Refactor permissions checks for large objects.
2017-11-09 12:56:07 -05:00
be-secure-openssl.c
Final pgindent + perltidy run for v10.
2017-08-14 17:29:33 -04:00
be-secure.c
Always use 2048 bit DH parameters for OpenSSL ephemeral DH ciphers.
2017-07-31 22:36:09 +03:00
crypt.c
Don't allow logging in with empty password.
2017-08-07 17:03:42 +03:00
hba.c
Change TRUE/FALSE to true/false
2017-11-08 11:37:28 -05:00
ifaddr.c
Replace most usages of ntoh[ls] and hton[sl] with pg_bswap.h.
2017-10-01 15:36:14 -07:00
Makefile
Support SCRAM-SHA-256 authentication (RFC 5802 and 7677).
2017-03-07 14:25:40 +02:00
pg_hba.conf.sample
Rename "scram" to "scram-sha-256" in pg_hba.conf and password_encryption.
2017-04-18 14:50:50 +03:00
pg_ident.conf.sample
pqcomm.c
Change TRUE/FALSE to true/false
2017-11-08 11:37:28 -05:00
pqformat.c
Add more efficient functions to pqformat API.
2017-10-11 16:01:52 -07:00
pqmq.c
Clean up shm_mq cleanup.
2017-08-31 15:10:24 -04:00
pqsignal.c
Update copyright via script for 2017
2017-01-03 13:48:53 -05:00
README.SSL

README.SSL 

src/backend/libpq/README.SSL

SSL
===

>From the servers perspective:


  Receives StartupPacket
           |
           |
 (Is SSL_NEGOTIATE_CODE?) -----------  Normal startup
           |                  No
           |
           | Yes
           |
           |
 (Server compiled with USE_SSL?) ------- Send 'N'
           |                       No        |
           |                                 |
           | Yes                         Normal startup
           |
           |
        Send 'S'
           |
           |
      Establish SSL
           |
           |
      Normal startup





>From the clients perspective (v6.6 client _with_ SSL):


      Connect
         |
         |
  Send packet with SSL_NEGOTIATE_CODE
         |
         |
  Receive single char  ------- 'S' -------- Establish SSL
         |                                       |
         | '<else>'                              |
         |                                  Normal startup
         |
         |
   Is it 'E' for error  ------------------- Retry connection
         |                  Yes             without SSL
         | No
         |
   Is it 'N' for normal ------------------- Normal startup
         |                  Yes
         |
   Fail with unknown

---------------------------------------------------------------------------