From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Oliver Jowett <oliver(at)opencloud(dot)com>, Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf |
Date: | 2004-08-19 17:04:17 |
Message-ID: | 4124DD91.80005@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers pgsql-patches |
Bruce Momjian wrote:
>Added to open items:
>
> * Fix Solaris for single-host netmasks in pg_hba.conf, use CIDR?
>
>
At this stage of the game I would just change pg_hba.conf.sample to use
'127.0.0.1/32' instead of '127.0.0.1 255.255.255.255'. No need for a
Solaris-specific fix for the default setup if we do that, and I don't
have time right now to do what I suggested below.
cheers
andrew
>
>---------------------------------------------------------------------------
>
>Andrew Dunstan wrote:
>
>
>>Tom Lane wrote:
>>
>>
>>
>>>Andrew Dunstan <andrew(at)dunslane(dot)net> writes:
>>>
>>>
>>>
>>>
>>>>>Seems unlikely. I suppose you could argue that we shouldn't be using
>>>>>getaddrinfo on the netmask field at all; there's certainly not any value
>>>>>in doing a DNS lookup on it, for instance. Maybe we should go back to
>>>>>using plain ol' inet_aton for it? (Nah, won't handle IPv6...)
>>>>>
>>>>>
>>>>>
>>>>>
>>>
>>>
>>>
>>>
>>>>We could do it if we tested the addr.ai_family first, and only did it in
>>>>the IPv4 case. I agree calling getaddrinfo is overkill for masks.
>>>>
>>>>
>>>>
>>>>
>>>Huh? The reason we're using getaddrinfo in the first place is we don't
>>>*know* whether we've got an IPv4 or IPv6 string ...
>>>
>>>
>>>
>>>
>>>
>>>
>>We know the address family - in fact we pass it to SockAddr_cidr_mask().
>>It's only the family of the mask that we don't know. But they had better
>>be the same, of course. See hba.c around line 753:
>>
>> if (cidr_slash)
>> {
>> if (SockAddr_cidr_mask(&mask, cidr_slash + 1,
>>addr.ss_family) < 0)
>> goto hba_syntax;
>> }
>> else
>> {
>> /* Read the mask field. */
>> line_item = lnext(line_item);
>> if (!line_item)
>> goto hba_syntax;
>> token = lfirst(line_item);
>>
>> ret = getaddrinfo_all(token, NULL, &hints, &gai_result);
>>
>>cheers
>>
>>andrew
>>
>>
>>
>
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Joe Conway | 2004-08-19 17:10:29 | Re: [HACKERS] SRPM for 8.0.0 beta? |
Previous Message | Fabien COELHO | 2004-08-19 16:46:38 | tablespace and pg_dump/restore |
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2004-08-19 17:11:38 | Re: 7.4.3 & 8.0.0beta1 + Solaris 9: default pg_hba.conf breaks |
Previous Message | Bruce Momjian | 2004-08-19 16:35:36 | Re: [BUGS] 8.0.0beta1: -lpthread missing |