--- postgresql-7.2.3/src/backend/libpq/hba.c.orig	2002-01-09 12:13:40.000000000 -0700
+++ postgresql-7.2.3/src/backend/libpq/hba.c	2002-12-07 11:40:11.000000000 -0700
@@ -319,7 +319,8 @@
 			port->raddr.sa.sa_family != AF_UNIX)
 			return;
 	}
-	else if (strcmp(token, "host") == 0 || strcmp(token, "hostssl") == 0)
+	else if (strcmp(token, "host") == 0 || strcmp(token, "hostssl") == 0
+		|| strcmp(token, "hostnossl") == 0)
 	{
 		struct in_addr file_ip_addr,
 					mask;
@@ -341,6 +342,18 @@
 #endif
 		}
 
+		/* this else block's check is unnecessary if SSL isn't even available */
+#ifdef USE_SSL
+		else if (strcmp(token, "hostnossl") == 0)
+		{
+			/* Record does not match if we are on an SSL connection */
+			if (port->ssl)
+				return;
+
+			/* Since we were not on SSL, proceed as with normal 'host' mode */
+		}
+#endif
+
 		/* Get the database. */
 		line = lnext(line);
 		if (!line)