Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Greenplum
Gpdb
提交
a3b681f0
G
Gpdb
项目概览
Greenplum
/
Gpdb
通知
7
Star
1
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
Gpdb
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
a3b681f0
编写于
5月 04, 2011
作者:
P
Peter Eisentraut
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Link some tables into the surrounding text by their id
上级
04be7ac2
变更
9
显示空白变更内容
内联
并排
Showing
9 changed file
with
137 addition
and
102 deletion
+137
-102
doc/src/sgml/earthdistance.sgml
doc/src/sgml/earthdistance.sgml
+4
-2
doc/src/sgml/hstore.sgml
doc/src/sgml/hstore.sgml
+6
-0
doc/src/sgml/intarray.sgml
doc/src/sgml/intarray.sgml
+6
-0
doc/src/sgml/libpq.sgml
doc/src/sgml/libpq.sgml
+95
-87
doc/src/sgml/ltree.sgml
doc/src/sgml/ltree.sgml
+3
-3
doc/src/sgml/monitoring.sgml
doc/src/sgml/monitoring.sgml
+4
-3
doc/src/sgml/pgtrgm.sgml
doc/src/sgml/pgtrgm.sgml
+6
-0
doc/src/sgml/runtime.sgml
doc/src/sgml/runtime.sgml
+12
-6
doc/src/sgml/textsearch.sgml
doc/src/sgml/textsearch.sgml
+1
-1
未找到文件。
doc/src/sgml/earthdistance.sgml
浏览文件 @
a3b681f0
...
...
@@ -55,7 +55,8 @@
</para>
<para>
The following functions are provided:
The provided functions are shown
in <xref linkend="earthdistance-cube-functions">.
</para>
<table id="earthdistance-cube-functions">
...
...
@@ -148,7 +149,8 @@
</para>
<para>
A single operator is provided:
A single operator is provided, shown
in <xref linkend="earthdistance-point-operators">.
</para>
<table id="earthdistance-point-operators">
...
...
doc/src/sgml/hstore.sgml
浏览文件 @
a3b681f0
...
...
@@ -85,6 +85,12 @@ key => NULL
<sect2>
<title><type>hstore</> Operators and Functions</title>
<para>
The operators provided by the <literal>hstore</literal> module are
shown in <xref linkend="hstore-op-table">, the functions
in <xref linkend="hstore-func-table">.
</para>
<table id="hstore-op-table">
<title><type>hstore</> Operators</title>
...
...
doc/src/sgml/intarray.sgml
浏览文件 @
a3b681f0
...
...
@@ -27,6 +27,12 @@
<sect2>
<title><filename>intarray</> Functions and Operators</title>
<para>
The functions provided by the <filename>intarray</filename> module
are shown in <xref linkend="intarray-func-table">, the operators
in <xref linkend="intarray-op-table">.
</para>
<table id="intarray-func-table">
<title><filename>intarray</> Functions</title>
...
...
doc/src/sgml/libpq.sgml
浏览文件 @
a3b681f0
...
...
@@ -385,63 +385,70 @@ PGconn *PQconnectdbParams(const char **keywords, const char **values, int expand
This option determines whether or with what priority a secure
<acronym>SSL</> TCP/IP connection will be negotiated with the
server. There are six modes:
</para>
<table id="libpq-connect-sslmode-options">
<title><literal>sslmode</literal> Options</title>
<tgroup cols="2">
<thead>
<row>
<entry>Option</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry><literal>disable</></entry>
<entry>only try a non-<acronym>SSL</> connection</entry>
</row>
<row>
<entry><literal>allow</></entry>
<entry>first try a non-<acronym>SSL</>
connection; if that fails, try an <acronym>SSL</>
connection</entry>
</row>
<row>
<entry><literal>prefer</> (default)</entry>
<entry>first try an <acronym>SSL</> connection; if
that fails, try a non-<acronym>SSL</>
connection</entry>
</row>
<variablelist>
<varlistentry>
<term><literal>disable</literal></term>
<listitem>
<para>
only try a non-<acronym>SSL</> connection
</para>
</listitem>
</varlistentry>
<row>
<entry><literal>require</></entry>
<entry>only try an <acronym>SSL</> connection</entry>
</row>
<varlistentry>
<term><literal>allow</literal></term>
<listitem>
<para>
first try a non-<acronym>SSL</> connection; if that
fails, try an <acronym>SSL</> connection
</para>
</listitem>
</varlistentry>
<row>
<entry><literal>verify-ca</></entry>
<entry>only try an <acronym>SSL</> connection, and verify that
the server certificate is issued by a trusted certificate
authority (<acronym>CA</>)</entry>
</row>
<varlistentry>
<term><literal>prefer</literal> (default)</term>
<listitem>
<para>
first try an <acronym>SSL</> connection; if that fails,
try a non-<acronym>SSL</> connection
</para>
</listitem>
</varlistentry>
<row>
<entry><literal>verify-full</></entry>
<entry>only try an <acronym>SSL</> connection, verify that
the server certificate is issued by a trusted <acronym>CA</> and
that the server host name matches that in the certificate</entry>
</row>
<varlistentry>
<term><literal>require</literal></term>
<listitem>
<para>
only try an <acronym>SSL</> connection
</para>
</listitem>
</varlistentry>
</tbody>
</tgroup>
</table>
<varlistentry>
<term><literal>verify-ca</literal></term>
<listitem>
<para>
only try an <acronym>SSL</> connection, and verify that
the server certificate is issued by a trusted
certificate authority (<acronym>CA</>)
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>verify-full</literal></term>
<listitem>
<para>
only try an <acronym>SSL</> connection, verify that the
server certificate is issued by a
trusted <acronym>CA</> and that the server host name
matches that in the certificate
</para>
</listitem>
</varlistentry>
</variablelist>
See <xref linkend="libpq-ssl"> for a detailed description of how
these options work.
</para>
...
...
@@ -6773,30 +6780,23 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
The different values for the <literal>sslmode</> parameter provide different
levels of protection. SSL can provide
protection against three types of attacks:
</para>
<table id="libpq-ssl-protect-attacks">
<title>SSL Attacks</title>
<tgroup cols="2">
<thead>
<row>
<entry>Type</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry>Eavesdropping</entry>
<entry>If a third party can examine the network traffic between the
<variablelist>
<varlistentry>
<term>Eavesdropping</term>
<listitem>
<para>If a third party can examine the network traffic between the
client and the server, it can read both connection information (including
the user name and password) and the data that is passed. <acronym>SSL</>
uses encryption to prevent this.
</entry>
</row>
</para>
</listitem>
</varlistentry>
<row>
<entry>Man in the middle (<acronym>MITM</>)</entry>
<entry>If a third party can modify the data while passing between the
<varlistentry>
<term>Man in the middle (<acronym>MITM</>)</term>
<listitem>
<para>If a third party can modify the data while passing between the
client and server, it can pretend to be the server and therefore see and
modify data <emphasis>even if it is encrypted</>. The third party can then
forward the connection information and data to the original server,
...
...
@@ -6805,21 +6805,23 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
to a different server than intended. There are also several other
attack methods that can accomplish this. <acronym>SSL</> uses certificate
verification to prevent this, by authenticating the server to the client.
</entry>
</row>
</para>
</listitem>
</varlistentry>
<row>
<entry>Impersonation</entry>
<entry>If a third party can pretend to be an authorized client, it can
<varlistentry>
<term>Impersonation</term>
<listitem>
<para>If a third party can pretend to be an authorized client, it can
simply access data it should not have access to. Typically this can
happen through insecure password management. <acronym>SSL</> uses
client certificates to prevent this, by making sure that only holders
of valid certificates can access the server.
</
entry
>
</
row
>
</
tbod
y>
</
tgroup
>
</
table
>
</
para
>
</
listitem
>
</
varlistentr
y>
</
variablelist
>
</
para
>
<para>
For a connection to be known secure, SSL usage must be configured
...
...
@@ -6844,9 +6846,9 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
<para>
All <acronym>SSL</> options carry overhead in the form of encryption and
key-exchange, so there is a tradeoff that has to be made between performance
and security.
The following table illustrates the risks the different
<literal>sslmode</> values protect against, and what statement they make
about security and overhead:
and security.
<xref linkend="libpq-ssl-sslmode-statements">
illustrates the risks the different <literal>sslmode</> values
protect against, and what statement they make about security and overhead.
</para>
<table id="libpq-ssl-sslmode-statements">
...
...
@@ -6942,6 +6944,12 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
<sect2 id="libpq-ssl-fileusage">
<title>SSL Client File Usage</title>
<para>
<xref linkend="libpq-ssl-file-usage"> summarizes the files that are
relevant to the SSL setup on the client.
</para>
<table id="libpq-ssl-file-usage">
<title>Libpq/Client SSL File Usage</title>
<tgroup cols="3">
...
...
doc/src/sgml/ltree.sgml
浏览文件 @
a3b681f0
...
...
@@ -182,8 +182,8 @@ Europe & Russia*@ & !Transportation
<literal>=</>, <literal><></literal>,
<literal><</>, <literal>></>, <literal><=</>, <literal>>=</>.
Comparison sorts in the order of a tree traversal, with the children
of a node sorted by label text. In addition, the
re are the following
specialized operators:
of a node sorted by label text. In addition, the
specialized
operators shown in <xref linkend="ltree-op-table"> are available.
</para>
<table id="ltree-op-table">
...
...
@@ -362,7 +362,7 @@ Europe & Russia*@ & !Transportation
</para>
<para>
The
following functions are available:
The
available functions are shown in <xref linkend="ltree-func-table">.
</para>
<table id="ltree-func-table">
...
...
doc/src/sgml/monitoring.sgml
浏览文件 @
a3b681f0
...
...
@@ -1357,9 +1357,10 @@ SELECT pg_stat_get_backend_pid(s.backendid) AS procpid,
<para>
A number of standard probes are provided in the source code,
as shown in <xref linkend="dtrace-probe-point-table">.
More can certainly be added to enhance <productname>PostgreSQL</>'s
observability.
as shown in <xref linkend="dtrace-probe-point-table">;
<xref linkend="typedefs-table">
shows the types used in the probes. More probes can certainly be
added to enhance <productname>PostgreSQL</>'s observability.
</para>
<table id="dtrace-probe-point-table">
...
...
doc/src/sgml/pgtrgm.sgml
浏览文件 @
a3b681f0
...
...
@@ -43,6 +43,12 @@
<sect2>
<title>Functions and Operators</title>
<para>
The functions provided by the <filename>pg_trgm</filename> module
are shown in <xref linkend="pgtrgm-func-table">, the operators
in <xref linkend="pgtrgm-op-table">.
</para>
<table id="pgtrgm-func-table">
<title><filename>pg_trgm</filename> Functions</title>
<tgroup cols="3">
...
...
doc/src/sgml/runtime.sgml
浏览文件 @
a3b681f0
...
...
@@ -2097,11 +2097,10 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
<sect2 id="ssl-server-files">
<title>SSL Server File Usage</title>
<para>
The files <filename>server.key</>, <filename>server.crt</>,
<filename>root.crt</filename>, and <filename>root.crl</filename>
are only examined during server start; so you must restart
the server for changes in them to take effect.
<xref linkend="ssl-file-usage"> summarizes the files that are
relevant to the SSL setup on the server.
</para>
<table id="ssl-file-usage">
...
...
@@ -2146,6 +2145,13 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
</tbody>
</tgroup>
</table>
<para>
The files <filename>server.key</>, <filename>server.crt</>,
<filename>root.crt</filename>, and <filename>root.crl</filename>
are only examined during server start; so you must restart
the server for changes in them to take effect.
</para>
</sect2>
<sect2 id="ssl-certificate-creation">
...
...
doc/src/sgml/textsearch.sgml
浏览文件 @
a3b681f0
...
...
@@ -1799,7 +1799,7 @@ LIMIT 10;
<para>
The built-in parser is named <literal>pg_catalog.default</>.
It recognizes 23 token types
:
It recognizes 23 token types
, shown in <xref linkend="textsearch-default-parser">.
</para>
<table id="textsearch-default-parser">
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录