Fix documentation and comments on what happens after GSS rejection
Heikki Linnakangas <heikki.linnakangas@iki.fi>
Fix documentation and comments on what happens after GSS rejection The paragraph in the docs and the comment applied to sslnegotiaton=direct, but not sslnegotiation=requiredirect. In 'requiredirect' mode, negotiated SSL is never used. Move the paragraph in the docs under the description of 'direct' mode, and rephrase it. Also the comment's reference to reusing a plaintext connection was bogus. Authentication failure in plaintext mode only happens after sending the startup packet, so the connection cannot be reused. Reported-by: Jacob Champion Discussion: https://www.postgresql.org/message-id/CAOYmi+=sj+1uydS0NR4nYzw-LRWp3Q-s5speBug5UCLSPMbvGA@mail.gmail.com
Files
| Path | Change | +/− |
|---|---|---|
| doc/src/sgml/libpq.sgml | modified | +9 −10 |
| src/interfaces/libpq/fe-connect.c | modified | +6 −5 |
Documentation touched
Discussion
- Direct SSL connection with ALPN and HBA rules 59 messages · 2024-04-19 → 2024-05-16