diff --git a/doc/src/sgml/earthdistance.sgml b/doc/src/sgml/earthdistance.sgml
index 5b50da0510b6845ffc3b765cee8d3cafdf973076..48d9e6b3573e1c14b0ecf2af4ab084db509eb6f7 100644
--- a/doc/src/sgml/earthdistance.sgml
+++ b/doc/src/sgml/earthdistance.sgml
@@ -55,7 +55,8 @@
</para>
<para>
- The following functions are provided:
+ The provided functions are shown
+ in <xref linkend="earthdistance-cube-functions">.
</para>
<table id="earthdistance-cube-functions">
@@ -148,7 +149,8 @@
</para>
<para>
- A single operator is provided:
+ A single operator is provided, shown
+ in <xref linkend="earthdistance-point-operators">.
</para>
<table id="earthdistance-point-operators">
diff --git a/doc/src/sgml/hstore.sgml b/doc/src/sgml/hstore.sgml
index f00b06aa7aa51791395c00852adaefc5de89b6d0..acd931a99093ab2767288a25012fba7f75e3157f 100644
--- a/doc/src/sgml/hstore.sgml
+++ b/doc/src/sgml/hstore.sgml
@@ -85,6 +85,12 @@ key => NULL
<sect2>
<title><type>hstore</> Operators and Functions</title>
+ <para>
+ The operators provided by the <literal>hstore</literal> module are
+ shown in <xref linkend="hstore-op-table">, the functions
+ in <xref linkend="hstore-func-table">.
+ </para>
+
<table id="hstore-op-table">
<title><type>hstore</> Operators</title>
diff --git a/doc/src/sgml/intarray.sgml b/doc/src/sgml/intarray.sgml
index 449878d671645854bd7e6c1269fa2ac583fd9b34..5ad738d918628791396bfc3ba8f3ced914565003 100644
--- a/doc/src/sgml/intarray.sgml
+++ b/doc/src/sgml/intarray.sgml
@@ -27,6 +27,12 @@
<sect2>
<title><filename>intarray</> Functions and Operators</title>
+ <para>
+ The functions provided by the <filename>intarray</filename> module
+ are shown in <xref linkend="intarray-func-table">, the operators
+ in <xref linkend="intarray-op-table">.
+ </para>
+
<table id="intarray-func-table">
<title><filename>intarray</> Functions</title>
diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml
index 19eb9447e8d8410d06d72d27da93dc81cc5c43df..ba0cfc99cdb1a854bc6239e6a8aaa92dccf09d4a 100644
--- a/doc/src/sgml/libpq.sgml
+++ b/doc/src/sgml/libpq.sgml
@@ -385,63 +385,70 @@ PGconn *PQconnectdbParams(const char **keywords, const char **values, int expand
This option determines whether or with what priority a secure
<acronym>SSL</> TCP/IP connection will be negotiated with the
server. There are six modes:
- </para>
- <table id="libpq-connect-sslmode-options">
- <title><literal>sslmode</literal> Options</title>
- <tgroup cols="2">
- <thead>
- <row>
- <entry>Option</entry>
- <entry>Description</entry>
- </row>
- </thead>
-
- <tbody>
-
- <row>
- <entry><literal>disable</></entry>
- <entry>only try a non-<acronym>SSL</> connection</entry>
- </row>
-
- <row>
- <entry><literal>allow</></entry>
- <entry>first try a non-<acronym>SSL</>
- connection; if that fails, try an <acronym>SSL</>
- connection</entry>
- </row>
-
- <row>
- <entry><literal>prefer</> (default)</entry>
- <entry>first try an <acronym>SSL</> connection; if
- that fails, try a non-<acronym>SSL</>
- connection</entry>
- </row>
-
- <row>
- <entry><literal>require</></entry>
- <entry>only try an <acronym>SSL</> connection</entry>
- </row>
-
- <row>
- <entry><literal>verify-ca</></entry>
- <entry>only try an <acronym>SSL</> connection, and verify that
- the server certificate is issued by a trusted certificate
- authority (<acronym>CA</>)</entry>
- </row>
-
- <row>
- <entry><literal>verify-full</></entry>
- <entry>only try an <acronym>SSL</> connection, verify that
- the server certificate is issued by a trusted <acronym>CA</> and
- that the server host name matches that in the certificate</entry>
- </row>
-
- </tbody>
- </tgroup>
- </table>
+ <variablelist>
+ <varlistentry>
+ <term><literal>disable</literal></term>
+ <listitem>
+ <para>
+ only try a non-<acronym>SSL</> connection
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>allow</literal></term>
+ <listitem>
+ <para>
+ first try a non-<acronym>SSL</> connection; if that
+ fails, try an <acronym>SSL</> connection
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>prefer</literal> (default)</term>
+ <listitem>
+ <para>
+ first try an <acronym>SSL</> connection; if that fails,
+ try a non-<acronym>SSL</> connection
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>require</literal></term>
+ <listitem>
+ <para>
+ only try an <acronym>SSL</> connection
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>verify-ca</literal></term>
+ <listitem>
+ <para>
+ only try an <acronym>SSL</> connection, and verify that
+ the server certificate is issued by a trusted
+ certificate authority (<acronym>CA</>)
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><literal>verify-full</literal></term>
+ <listitem>
+ <para>
+ only try an <acronym>SSL</> connection, verify that the
+ server certificate is issued by a
+ trusted <acronym>CA</> and that the server host name
+ matches that in the certificate
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
- <para>
See <xref linkend="libpq-ssl"> for a detailed description of how
these options work.
</para>
@@ -6773,30 +6780,23 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
The different values for the <literal>sslmode</> parameter provide different
levels of protection. SSL can provide
protection against three types of attacks:
- </para>
- <table id="libpq-ssl-protect-attacks">
- <title>SSL Attacks</title>
- <tgroup cols="2">
- <thead>
- <row>
- <entry>Type</entry>
- <entry>Description</entry>
- </row>
- </thead>
- <tbody>
- <row>
- <entry>Eavesdropping</entry>
- <entry>If a third party can examine the network traffic between the
+ <variablelist>
+ <varlistentry>
+ <term>Eavesdropping</term>
+ <listitem>
+ <para>If a third party can examine the network traffic between the
client and the server, it can read both connection information (including
the user name and password) and the data that is passed. <acronym>SSL</>
uses encryption to prevent this.
- </entry>
- </row>
+ </para>
+ </listitem>
+ </varlistentry>
- <row>
- <entry>Man in the middle (<acronym>MITM</>)</entry>
- <entry>If a third party can modify the data while passing between the
+ <varlistentry>
+ <term>Man in the middle (<acronym>MITM</>)</term>
+ <listitem>
+ <para>If a third party can modify the data while passing between the
client and server, it can pretend to be the server and therefore see and
modify data <emphasis>even if it is encrypted</>. The third party can then
forward the connection information and data to the original server,
@@ -6805,21 +6805,23 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
to a different server than intended. There are also several other
attack methods that can accomplish this. <acronym>SSL</> uses certificate
verification to prevent this, by authenticating the server to the client.
- </entry>
- </row>
+ </para>
+ </listitem>
+ </varlistentry>
- <row>
- <entry>Impersonation</entry>
- <entry>If a third party can pretend to be an authorized client, it can
+ <varlistentry>
+ <term>Impersonation</term>
+ <listitem>
+ <para>If a third party can pretend to be an authorized client, it can
simply access data it should not have access to. Typically this can
happen through insecure password management. <acronym>SSL</> uses
client certificates to prevent this, by making sure that only holders
of valid certificates can access the server.
- </entry>
- </row>
- </tbody>
- </tgroup>
- </table>
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </para>
<para>
For a connection to be known secure, SSL usage must be configured
@@ -6844,9 +6846,9 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
<para>
All <acronym>SSL</> options carry overhead in the form of encryption and
key-exchange, so there is a tradeoff that has to be made between performance
- and security. The following table illustrates the risks the different
- <literal>sslmode</> values protect against, and what statement they make
- about security and overhead:
+ and security. <xref linkend="libpq-ssl-sslmode-statements">
+ illustrates the risks the different <literal>sslmode</> values
+ protect against, and what statement they make about security and overhead.
</para>
<table id="libpq-ssl-sslmode-statements">
@@ -6942,6 +6944,12 @@ ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
<sect2 id="libpq-ssl-fileusage">
<title>SSL Client File Usage</title>
+
+ <para>
+ <xref linkend="libpq-ssl-file-usage"> summarizes the files that are
+ relevant to the SSL setup on the client.
+ </para>
+
<table id="libpq-ssl-file-usage">
<title>Libpq/Client SSL File Usage</title>
<tgroup cols="3">
diff --git a/doc/src/sgml/ltree.sgml b/doc/src/sgml/ltree.sgml
index d6b58c17d79f619b82717d8d5bac11cedb838bde..d00c91e9857d6dcc77faf8586dc0c61328df4be2 100644
--- a/doc/src/sgml/ltree.sgml
+++ b/doc/src/sgml/ltree.sgml
@@ -182,8 +182,8 @@ Europe & Russia*@ & !Transportation
<literal>=</>, <literal><></literal>,
<literal><</>, <literal>></>, <literal><=</>, <literal>>=</>.
Comparison sorts in the order of a tree traversal, with the children
- of a node sorted by label text. In addition, there are the following
- specialized operators:
+ of a node sorted by label text. In addition, the specialized
+ operators shown in <xref linkend="ltree-op-table"> are available.
</para>
<table id="ltree-op-table">
@@ -362,7 +362,7 @@ Europe & Russia*@ & !Transportation
</para>
<para>
- The following functions are available:
+ The available functions are shown in <xref linkend="ltree-func-table">.
</para>
<table id="ltree-func-table">
diff --git a/doc/src/sgml/monitoring.sgml b/doc/src/sgml/monitoring.sgml
index 319a57c6e23b70e632b81b6cf199bdb0df6b6d42..7d8b77e27efed5f14377efa7b7bb43835e009073 100644
--- a/doc/src/sgml/monitoring.sgml
+++ b/doc/src/sgml/monitoring.sgml
@@ -1357,9 +1357,10 @@ SELECT pg_stat_get_backend_pid(s.backendid) AS procpid,
<para>
A number of standard probes are provided in the source code,
- as shown in <xref linkend="dtrace-probe-point-table">.
- More can certainly be added to enhance <productname>PostgreSQL</>'s
- observability.
+ as shown in <xref linkend="dtrace-probe-point-table">;
+ <xref linkend="typedefs-table">
+ shows the types used in the probes. More probes can certainly be
+ added to enhance <productname>PostgreSQL</>'s observability.
</para>
<table id="dtrace-probe-point-table">
diff --git a/doc/src/sgml/pgtrgm.sgml b/doc/src/sgml/pgtrgm.sgml
index 9210899ec2402de92ca21314b327452bda48e9e0..581388c683f835d70913c562bcc9ae7d229836af 100644
--- a/doc/src/sgml/pgtrgm.sgml
+++ b/doc/src/sgml/pgtrgm.sgml
@@ -43,6 +43,12 @@
<sect2>
<title>Functions and Operators</title>
+ <para>
+ The functions provided by the <filename>pg_trgm</filename> module
+ are shown in <xref linkend="pgtrgm-func-table">, the operators
+ in <xref linkend="pgtrgm-op-table">.
+ </para>
+
<table id="pgtrgm-func-table">
<title><filename>pg_trgm</filename> Functions</title>
<tgroup cols="3">
diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 143090e99ac09c7741cf1d0b5644b6caf9b71631..d18ba79f40226d369fabdf95fe82148e7dafdc8a 100644
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -2097,12 +2097,11 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
<sect2 id="ssl-server-files">
<title>SSL Server File Usage</title>
- <para>
- The files <filename>server.key</>, <filename>server.crt</>,
- <filename>root.crt</filename>, and <filename>root.crl</filename>
- are only examined during server start; so you must restart
- the server for changes in them to take effect.
- </para>
+
+ <para>
+ <xref linkend="ssl-file-usage"> summarizes the files that are
+ relevant to the SSL setup on the server.
+ </para>
<table id="ssl-file-usage">
<title>SSL Server File Usage</title>
@@ -2146,6 +2145,13 @@ pg_dumpall -p 5432 | psql -d postgres -p 5433
</tbody>
</tgroup>
</table>
+
+ <para>
+ The files <filename>server.key</>, <filename>server.crt</>,
+ <filename>root.crt</filename>, and <filename>root.crl</filename>
+ are only examined during server start; so you must restart
+ the server for changes in them to take effect.
+ </para>
</sect2>
<sect2 id="ssl-certificate-creation">
diff --git a/doc/src/sgml/textsearch.sgml b/doc/src/sgml/textsearch.sgml
index 1beebd21ee4d91a60920b89caff1492e2fabc3df..dba5bd6603ed72c3a050c99a1a0111e442024b41 100644
--- a/doc/src/sgml/textsearch.sgml
+++ b/doc/src/sgml/textsearch.sgml
@@ -1799,7 +1799,7 @@ LIMIT 10;
<para>
The built-in parser is named <literal>pg_catalog.default</>.
- It recognizes 23 token types:
+ It recognizes 23 token types, shown in <xref linkend="textsearch-default-parser">.
</para>
<table id="textsearch-default-parser">