1. 20 Dec, 2004 1 commit
  2. 12 Oct, 2004 1 commit
  3. 29 Aug, 2004 2 commits
  4. 04 Aug, 2004 2 commits
  5. 20 Dec, 2003 1 commit
  6. 29 Nov, 2003 1 commit
    • PostgreSQL Daemon's avatar
      · 969685ad
      PostgreSQL Daemon authored
      $Header: -> $PostgreSQL Changes ...
      969685ad
  7. 26 Sep, 2003 1 commit
  8. 25 Sep, 2003 1 commit
  9. 04 Aug, 2003 2 commits
  10. 28 Jul, 2003 1 commit
  11. 26 Jul, 2003 2 commits
    • Bruce Momjian's avatar
      abc7f732
    • Bruce Momjian's avatar
      At long last I put together a patch to support 4 client SSL negotiation · 397831e1
      Bruce Momjian authored
      modes (and replace the requiressl boolean). The four options were first
      spelled out by Magnus Hagander <mha@sollentuna.net> on 2000-08-23 in email
      to pgsql-hackers, archived here:
      
      http://archives.postgresql.org/pgsql-hackers/2000-08/msg00639.php
      
      My original less-flexible patch and the ensuing thread are archived at:
      
      http://dbforums.com/t623845.html
      
      Attached is a new patch, including documentation.
      
      To sum up, there's a new client parameter "sslmode" and environment
      variable "PGSSLMODE", with these options:
      
      sslmode   description
      -------   -----------
      disable   Unencrypted non-SSL only
      allow     Negotiate, prefer non-SSL
      prefer    Negotiate, prefer SSL (default)
      require   Require SSL
      
      The only change to the server is a new pg_hba.conf line type,
      "hostnossl", for specifying connections that are not allowed to use SSL
      (for example, to prevent servers on a local network from accidentally
      using SSL and wasting cycles). Thus the 3 pg_hba.conf line types are:
      
      pg_hba.conf line types
      ----------------------
      host       applies to either SSL or regular connections
      hostssl    applies only to SSL connections
      hostnossl  applies only to regular connections
      
      These client and server options, the postgresql.conf ssl = false option,
      and finally the possibility of compiling with no SSL support at all,
      make quite a range of combinations to test. I threw together a test
      script to try many of them out. It's in a separate tarball with its
      config files, a patch to psql so it'll announce SSL connections even in
      absence of a tty, and the test output. The test is especially informative
      when run on the same tty the postmaster was started on, so the FATAL:
      errors during negotiation are interleaved with the psql client output.
      
      I saw Tom write that new submissions for 7.4 have to be in before midnight
      local time, and since I'm on the east coast in the US, this just makes it
      in before the bell. :)
      
      Jon Jensen
      397831e1
  12. 23 Jul, 2003 1 commit
    • Tom Lane's avatar
      Have a go at fixing various outstanding portability issues in code that · df63503d
      Tom Lane authored
      was modified for IPv6.  Use a robust definition of struct sockaddr_storage,
      do a proper configure test to see if ss_len exists, don't assume that
      getnameinfo() will handle AF_UNIX sockets, don't trust getaddrinfo to
      return the protocol we ask for, etc.  This incorporates several outstanding
      patches from Kurt Roeckx, but I'm to blame for anything that doesn't
      work ...
      df63503d
  13. 22 Jul, 2003 1 commit
  14. 25 Jun, 2003 1 commit
  15. 12 Jun, 2003 1 commit
  16. 25 Apr, 2003 1 commit
  17. 22 Apr, 2003 1 commit
    • Tom Lane's avatar
      Another round of protocol changes. Backend-to-frontend messages now all · 5ed27e35
      Tom Lane authored
      have length words.  COPY OUT reimplemented per new protocol: it doesn't
      need \. anymore, thank goodness.  COPY BINARY to/from frontend works,
      at least as far as the backend is concerned --- libpq's PQgetline API
      is not up to snuff, and will have to be replaced with something that is
      null-safe.  libpq uses message length words for performance improvement
      (no cycles wasted rescanning long messages), but not yet for error
      recovery.
      5ed27e35
  18. 19 Apr, 2003 1 commit
  19. 17 Apr, 2003 1 commit
  20. 14 Feb, 2003 1 commit
  21. 06 Jan, 2003 2 commits
  22. 06 Dec, 2002 2 commits
  23. 03 Dec, 2002 1 commit
  24. 04 Sep, 2002 2 commits
  25. 02 Sep, 2002 1 commit
  26. 30 Aug, 2002 1 commit
  27. 29 Aug, 2002 2 commits
  28. 27 Aug, 2002 2 commits
  29. 18 Aug, 2002 1 commit
  30. 20 Jun, 2002 1 commit
  31. 05 May, 2002 1 commit