As a small addition to the pg_hba.conf host name feature, I figured it
would be useful to allow "all" in the host column, instead of having to
write 0.0.0.0/0 and ::/0. Patch attached.
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index ab96af8..228cfff 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -257,7 +257,7 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
</para>
<para>
- You can also write
+ You can also write <literal>all</literal> to match any IP address,
<literal>samehost</literal> to match any of the server's own IP
addresses, or <literal>samenet</literal> to match any address in any
subnet that the server is directly connected to.
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 3f50349..38eaa95 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -879,8 +879,11 @@ parse_hba_line(List *line, int line_num, HbaLine *parsedline)
}
token = lfirst(line_item);
- /* Is it equal to 'samehost' or 'samenet'? */
- if (strcmp(token, "samehost\n") == 0)
+ if (strcmp(token, "all\n") == 0)
+ {
+ parsedline->ip_cmp_method = ipCmpAll;
+ }
+ else if (strcmp(token, "samehost\n") == 0)
{
/* Any IP on this host is allowed to connect */
parsedline->ip_cmp_method = ipCmpSameHost;
@@ -1497,6 +1500,8 @@ check_hba(hbaPort *port)
continue;
}
break;
+ case ipCmpAll:
+ break;
case ipCmpSameHost:
case ipCmpSameNet:
if (!check_same_host_or_net(&port->raddr,
diff --git a/src/include/libpq/hba.h b/src/include/libpq/hba.h
index eb6637f..aa60d8d 100644
--- a/src/include/libpq/hba.h
+++ b/src/include/libpq/hba.h
@@ -36,7 +36,8 @@ typedef enum IPCompareMethod
{
ipCmpMask,
ipCmpSameHost,
- ipCmpSameNet
+ ipCmpSameNet,
+ ipCmpAll
} IPCompareMethod;
typedef enum ConnType
--
Sent via pgsql-hackers mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
