pgsql/src backend/libpq/be-secure.c interfaces ... - Mailing list pgsql-committers

From momjian@postgresql.org (Bruce Momjian - CVS)
Subject pgsql/src backend/libpq/be-secure.c interfaces ...
Date
Msg-id 20020614043149.90921477289@postgresql.org
Whole thread Raw
List pgsql-committers
CVSROOT:    /cvsroot
Module name:    pgsql
Changes by:    momjian@postgresql.org    02/06/14 00:31:49

Modified files:
    src/backend/libpq: be-secure.c
    src/interfaces/libpq: fe-secure.c

Log message:
    SSL support for ephemeral DH keys.

    As the comment headers in be-secure.c discusses, EPH preserves
    confidentiality even if the static private key (which is usually
    kept unencrypted) is compromised.

    Because of the value of this, common default values are hard-coded
    to protect the confidentiality of the data even if an attacker
    successfully deletes or modifies the external file.

    Bear Giles


pgsql-committers by date:

Previous
From: momjian@postgresql.org (Bruce Momjian - CVS)
Date:
Subject: pgsql/src backend/libpq/Makefile backend/libpq ...
Next
From: momjian@postgresql.org (Bruce Momjian - CVS)
Date:
Subject: pgsql/src backend/libpq/be-secure.c include/li ...