Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf breaks

Added to open items:

* Fix Solaris for single-host netmasks in pg_hba.conf, use CIDR?

---------------------------------------------------------------------------

Andrew Dunstan wrote:
>
>
> Tom Lane wrote:
>
> >Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
> >
> >
> >>>Seems unlikely. I suppose you could argue that we shouldn't be using
> >>>getaddrinfo on the netmask field at all; there's certainly not any value
> >>>in doing a DNS lookup on it, for instance. Maybe we should go back to
> >>>using plain ol' inet_aton for it? (Nah, won't handle IPv6...)
> >>>
> >>>
> >
> >
> >
> >>We could do it if we tested the addr.ai_family first, and only did it in
> >>the IPv4 case. I agree calling getaddrinfo is overkill for masks.
> >>
> >>
> >
> >Huh? The reason we're using getaddrinfo in the first place is we don't
> >*know* whether we've got an IPv4 or IPv6 string ...
> >
> >
> >
> >
>
> We know the address family - in fact we pass it to SockAddr_cidr_mask().
> It's only the family of the mask that we don't know. But they had better
> be the same, of course. See hba.c around line 753:
>
> if (cidr_slash)
> {
> if (SockAddr_cidr_mask(&mask, cidr_slash + 1,
> addr.ss_family) < 0)
> goto hba_syntax;
> }
> else
> {
> /* Read the mask field. */
> line_item = lnext(line_item);
> if (!line_item)
> goto hba_syntax;
> token = lfirst(line_item);
>
> ret = getaddrinfo_all(token, NULL, &hints, &gai_result);
>
> cheers
>
> andrew
>

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073