SSL support for ephemeral DH keys.

Bruce Momjian <bruce@momjian.us>

Commit: 55d053233ca78e9d6c8efc54f0f3f1079cc5e95d
Author: Bruce Momjian <bruce@momjian.us>
Date: 2002-06-14T04:31:49Z
Releases: 7.3.1
SSL support for ephemeral DH keys.

As the comment headers in be-secure.c discusses, EPH preserves
confidentiality even if the static private key (which is usually
kept unencrypted) is compromised.

Because of the value of this, common default values are hard-coded
to protect the confidentiality of the data even if an attacker
successfully deletes or modifies the external file.

Bear Giles

Files

PathChange+/−
src/backend/libpq/be-secure.c modified +257 −3
src/interfaces/libpq/fe-secure.c modified +219 −2