Skip site navigation (1) Skip section navigation (2)

Re: pg_hba.conf hostname todo

From: Andrew Dunstan <andrew(at)dunslane(dot)net>
To: "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: pg_hba.conf hostname todo
Date: 2006-12-27 22:19:03
Message-ID: (view raw or whole thread)
Lists: pgsql-hackers
Joshua D. Drake wrote:
> Hello,
> Per the TODO list:
> Allow pg_hba.conf to specify host names along with IP addresses 
> Host name lookup could occur when the postmaster reads the pg_hba.conf
> file, or when the backend starts. Another solution would be to reverse
> lookup the connection IP and check that hostname against the host names
> in pg_hba.conf. We could also then check that the host name maps to the
> IP address.
> I was considering trying to attack this for 8.3. My thoughts are the
> following:
> Allow one to specify a FQDN or a simple wild card DN. E.g;
> *
> A valid entry would look like this:
> host    all         all         *          trust
> host	all	    all	     md5

Before we rehearse the discussion we had in June again, please review 
it. It ended on these sensible words from Tom at :

> > Personally, I doubt there's any great use case for DNS names. Like Tom 
> > says, if it involves much more that removing the AI_NUMERICHOST hint 
> > then let's forget it.
> Perhaps more to the point: let's do that and wait to see if the field
> demand justifies expending lots of sweat on anything smarter.  Given
> that we've gone this long with only allowing numeric IPs in pg_hba.conf,
> I suspect we'll find that few people really care.



In response to


pgsql-hackers by date

Next:From: Martijn van OosterhoutDate: 2006-12-27 22:26:45
Subject: Re: Load distributed checkpoint
Previous:From: Joshua D. DrakeDate: 2006-12-27 22:16:58
Subject: Re: pg_hba.conf hostname todo

Privacy Policy | About PostgreSQL
Copyright © 1996-2015 The PostgreSQL Global Development Group