|
11 | 11 | * |
12 | 12 | * |
13 | 13 | * IDENTIFICATION |
14 | | - * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.84 2008/03/31 02:43:14 tgl Exp $ |
| 14 | + * $PostgreSQL: pgsql/src/backend/libpq/be-secure.c,v 1.85 2008/10/24 12:24:35 mha Exp $ |
15 | 15 | * |
16 | 16 | * Since the server static private key ($DataDir/server.key) |
17 | 17 | * will normally be stored unencrypted so that the database |
|
45 | 45 | * amounts of data are sent with the same session key, the |
46 | 46 | * session keys are periodically renegotiated. |
47 | 47 | * |
48 | | - * PATCH LEVEL |
49 | | - * milestone 1: fix basic coding errors |
50 | | - * [*] existing SSL code pulled out of existing files. |
51 | | - * [*] SSL_get_error() after SSL_read() and SSL_write(), |
52 | | - * SSL_shutdown(), default to TLSv1. |
53 | | - * |
54 | | - * milestone 2: provide endpoint authentication (server) |
55 | | - * [*] client verifies server cert |
56 | | - * [*] client verifies server hostname |
57 | | - * |
58 | | - * milestone 3: improve confidentially, support perfect forward secrecy |
59 | | - * [ ] use 'random' file, read from '/dev/urandom?' |
60 | | - * [*] emphermal DH keys, default values |
61 | | - * [*] periodic renegotiation |
62 | | - * [*] private key permissions |
63 | | - * |
64 | | - * milestone 4: provide endpoint authentication (client) |
65 | | - * [*] server verifies client certificates |
66 | | - * |
67 | | - * milestone 5: provide informational callbacks |
68 | | - * [*] provide informational callbacks |
69 | | - * |
70 | | - * other changes |
71 | | - * [ ] tcp-wrappers |
72 | | - * [ ] more informative psql |
73 | | - * |
74 | 48 | *------------------------------------------------------------------------- |
75 | 49 | */ |
76 | 50 |
|
|