Skip site navigation (1) Skip section navigation (2)

SSL (patch 1)

From: Bear Giles <bgiles(at)coyotesong(dot)com>
To: pgsql-patches(at)postgresql(dot)org
Subject: SSL (patch 1)
Date: 2002-05-24 19:17:14
Message-ID: 200205241917.NAA25830@eris.coyotesong.com (view raw or flat)
Thread:
Lists: pgsql-patches
First of many patches on SSL code.  The first patch just sets 
the groundwork for future patches by pulling all SSL-specific
(and by implication all secure session) code into two new files,
be-secure.c and fe-secure.c

These files also contain a temporary checklist of pending patches:

 * PATCH LEVEL
 *	  milestone 1: fix basic coding errors
 *	  [*] existing SSL code pulled out of existing files.
 *	  [ ] SSL_get_error() after SSL_read() and SSL_write(),
 *	      SSL_shutdown(), default to TLSv1.
 *	
 *	  milestone 2: provide endpoint authentication (server)
 *	  [ ] client verifies server cert
 *	  [ ] client verifies server hostname
 *
 *	  milestone 3: improve confidentially, support perfect forward secrecy
 *	  [ ] use 'random' file, read from '/dev/urandom?'
 *	  [ ] emphermal DH keys, default values
 *
 *	  milestone 4: provide endpoint authentication (client)
 *	  [ ] server verifies client certificates
 *
 *	  milestone 5: provide informational callbacks
 *	  [ ] provide informational callbacks
 *
 *	  other changes
 *	  [ ] tcp-wrappers
 *	  [ ] more informative psql

Finally, because of the large number of patches (instead of a 
monoblock patch) I'm managing them with CVS.  Sorry about the
$Id$ and $Header$ in the diff....

Bear

Responses

pgsql-patches by date

Next:From: Joe ConwayDate: 2002-05-24 22:44:37
Subject: Re: SRF rescan testing
Previous:From: Kenneth BeenDate: 2002-05-24 16:11:45
Subject: rtree memory leak patch

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group