| From: | "Drouvot, Bertrand" <bertranddrouvot(dot)pg(at)gmail(dot)com> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Jacob Champion <jchampion(at)timescale(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Patch proposal: make use of regular expressions for the username in pg_hba.conf |
| Date: | 2022-09-19 07:36:10 |
| Message-ID: | a5df2479-1ae0-07d4-2902-1692035399a1@gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi,
On 9/17/22 8:53 AM, Michael Paquier wrote:
> On Fri, Sep 16, 2022 at 06:24:07PM +0200, Drouvot, Bertrand wrote:
>> The CF bot is failing for Windows (all other tests are green) and only for
>> the new tap test related to the regular expression on the host name (the
>> ones on database and role are fine).
>>
>> The issue is not related to the patch. The issue is that the Windows Cirrus
>> test does not like when a host name is provided for a "host" entry in
>> pg_hba.conf (while it works fine when a CIDR is provided).
>>
>> You can see an example in [1] where the only change is to replace the CIDR
>> by "localhost" in 002_scram.pl. As you can see the Cirrus tests are failing
>> on Windows only (its log file is here [2]).
>>
>> I'll look at this "Windows" related issue but would appreciate any
>> guidance/help if someone has experience in this area on windows.
>
> I recall that being able to do a reverse lookup of a hostname on
> Windows for localhost requires a few extra setup steps as that's not
> guaranteed to be set in all environments by default, which is why we
> go at great length to use 127.0.0.1 in the TAP test setup for example
> (see Cluster.pm). Looking at your patch, the goal is to test the
> mapping of regular expression for host names, user names and database
> names. If the first case is not guaranteed, my guess is that it is
> fine to skip this portion of the tests on Windows.
Thanks for looking at it!
That sounds reasonable, v3 attached is skipping the regular expression
tests for the hostname on Windows.
>
> While reading the patch, I am a bit confused about token_regcomp() and
> token_regexec(). It would help the review a lot if these were
> documented with proper comments, even if these act roughly as wrappers
> for pg_regexec() and pg_regcomp().
Fully agree, comments were missing. They've been added in v3 attached.
Regards,
--
Bertrand Drouvot
PostgreSQL Contributors Team
RDS Open Source Databases
Amazon Web Services: https://aws.amazon.com
| Attachment | Content-Type | Size |
|---|---|---|
| v3-0001-hba_with_regexp.patch | text/plain | 22.5 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2022-09-19 07:40:11 | Re: Tree-walker callbacks vs -Wdeprecated-non-prototype |
| Previous Message | Thomas Munro | 2022-09-19 07:30:09 | Re: Tree-walker callbacks vs -Wdeprecated-non-prototype |