provider/postgresql: default ssl_mode is "prefer"

According to the libpq documentation, "prefer" is the default in the
underlying library and so setting a different default in the Terraform
layer would be a breaking change for existing users of this provider
whose servers do not have TLS correctly configured.

The docs now link to the libpq manual's discussion of the security
implications of each of the ssl_mode options, so the user can understand
the limitations of the "prefer" default and can make an informed decision
about which setting is appropriate for their situation.
Martin Atkins 2016-04-17 08:32:02 -07:00
parent 4954f1351f
commit 220d73f32c
2 changed files with 5 additions and 3 deletions


@ -38,7 +38,7 @@ func Provider() terraform.ResourceProvider {
"ssl_mode": &schema.Schema{ "ssl_mode": &schema.Schema{
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
Default: "require", Default: "prefer",
Description: "Connection mode for postgresql server", Description: "Connection mode for postgresql server",
}, },
}, },
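Review bot: The new `Default: "prefer"` means a connection that cannot negotiate TLS falls back to plaintext without any error, yet the `Description` on this field still reads only "Connection mode for postgresql server". Suggest putting the default and its fallback behaviour in the Description so it shows up in schema-derived help. The schema shown here also has no validation on the string, so a mistyped mode only fails once it reaches the driver; restricting the value to the supported modes would catch that at plan time. Please also confirm the Go driver the provider uses accepts "prefer": the commit message reasons from libpq's default, but the documentation line this change removes pointed at lib/pq, which is a separate implementation.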


@ -59,7 +59,9 @@ resource "postgresql_database" "my_db2" {
The following arguments are supported: The following arguments are supported:
* `host` - (Required) The address for the postgresql server connection. * `host` - (Required) The address for the postgresql server connection.
* `port` - (Optional) The port for the postgresql server connection. (Default 5432) * `port` - (Optional) The port for the postgresql server connection. The default is `5432`.
* `username` - (Required) Username for the server connection. * `username` - (Required) Username for the server connection.
* `password` - (Optional) Password for the server connection. * `password` - (Optional) Password for the server connection.
* `ssl_mode` - (Optional) Set connection mode for postgresql server (Default "require", more options [lib/pq documentations](https://godoc.org/github.com/lib/pq)). * `ssl_mode` - (Optional) Set the priority for an SSL connection to the server.
The default is `prefer`; the full set of options and their implications
can be seen [in the libpq SSL guide](http://www.postgresql.org/docs/9.4/static/libpq-ssl.html#LIBPQ-SSL-PROTECTION).
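Review bot: The rewritten `ssl_mode` entry replaces the lib/pq link with the libpq SSL guide, so readers are now sent to the C client's option list rather than the Go driver's; if the two do not accept the same set of values, the docs will advertise modes the provider rejects. Suggest listing the accepted values inline in this bullet and saying in one sentence that `prefer` does not guarantee an encrypted connection, with `verify-full` named as the setting for users who need server authentication. The link is also pinned to the 9.4 manual over plain http; pointing at the `current` docs over https would keep it from going stale.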