mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2025-01-30 19:00:29 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,209 Commits 37 Branches 638 Tags 431 MiB
C 85.5%
PLpgSQL 5.9%
Perl 4.2%
Yacc 1.3%
Makefile 0.7%
Other 2.2%
17386ac453
Go to file
Bruce Momjian 17386ac453 Well, the discussion about SSL a bit back perked my interest and I did 
some reading on the subject.

1) PostgreSQL uses ephemeral keying, for its connections (good thing)

2) PostgreSQL doesn't set the cipher list that it allows (bad thing,
   fixed)

3) PostgreSQL's renegotiation code wasn't text book correct (could be
   bad, fixed)

4) The rate of renegotiating was insanely low (as Tom pointed out, set
   to a more reasonable level)

I haven't checked around much to see if there are any other SSL bits
that need some review, but I'm doing some OpenSSL work right now
and'll send patches for improvements along the way (if I find them).
At the very least, the changes in this patch will make security folks
happier for sure.  The constant renegotiation of sessions was likely a
boon to systems that had bad entropy gathering means (read: Slowaris
/dev/rand|/dev/urand != ANDIrand).  The new limit for renegotiations
is 512MB which should be much more reasonable.

Sean Chittenden
2003-06-11 15:05:50 +00:00
config Adjust configure so that extern tzname[] will be checked for 2003-05-22 16:39:30 +00:00
contrib Remove platform-specific executable; does not belong in distribution. 2003-06-11 14:02:57 +00:00
doc Now that I look, that link doesn't belong there at all, does it? 2003-06-11 14:14:50 +00:00
src Well, the discussion about SSL a bit back perked my interest and I did 2003-06-11 15:05:50 +00:00
aclocal.m4 Remove leftovers from subproject removals. Fixes for Python and Kerberos 2002-09-04 22:54:18 +00:00
configure Add Rendezvous support to postmaster, from Chris Campbell 2003-06-11 06:56:07 +00:00
configure.in Add Rendezvous support to postmaster, from Chris Campbell 2003-06-11 06:56:07 +00:00
COPYRIGHT Update copyright to 2002. 2002-06-20 20:29:54 +00:00
GNUmakefile.in First step to removing /contrib/retep, with Peter Mount's approval. 2002-10-21 00:12:46 +00:00
HISTORY Fix misstatement in release-notes item. 2003-05-26 18:58:26 +00:00
INSTALL Regenerate 2002-11-21 23:33:22 +00:00
Makefile Restructure the key include files per recent pghackers discussion: there 2001-02-10 02:31:31 +00:00
README Improve wording. 2002-11-11 20:03:40 +00:00
register.txt Update URL to point to proper location. 2003-06-02 15:01:03 +00:00

README 

PostgreSQL Database Management System
=====================================
  
This directory contains the source code distribution of the PostgreSQL
database management system.

PostgreSQL is an advanced object-relational database management system
that supports an extended subset of the SQL standard, including
transactions, foreign keys, subqueries, triggers, user-defined types
and functions.  This distribution also contains several language
bindings, including C, Perl, Python, and Tcl, as well as a JDBC
driver.

The ODBC and C++ interfaces have been moved to the PostgreSQL Projects
Web Site at http://gborg.postgresql.org for separate maintenance.

See the file INSTALL for instructions on how to build and install
PostgreSQL.  That file also lists supported operating systems and
hardware platforms and contains information regarding any other
software packages that are required to build or run the PostgreSQL
system.  Changes between all PostgreSQL releases are recorded in the
file HISTORY.  Copyright and license information can be found in the
file COPYRIGHT.  A comprehensive documentation set is included in this
distribution; it can be read as described in the installation
instructions.

The latest version of this software may be obtained at
ftp://ftp.postgresql.org/pub/.  For more information look at our web
site located at http://www.postgresql.org/.