Tom Lane wrote:
I was just poking at this.
Thanks for trying it out.
It seems to need rather a lot of
editorialization (eg to fix the lack of consistency about whether
nonstandard headers have configure tests, or bother to make use of the
tests that did get added).
I've now added tests
At 2009-09-30 11:16:57 -0500, stef-l...@memberwebs.com wrote:
I've now added tests for sys/ioctl.h and net/if.h even though these
headers seemed to be common to all the unixes investigated.
Thanks. I've marked this ready for committer now.
FWIW, there are checks for various bad netmasks. I
Stef Walter stef-l...@memberwebs.com writes:
[ postgres-hba-samenet-8.patch ]
Applied with some mostly-cosmetic editorialization.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
On Mon, Sep 28, 2009 at 10:10 PM, Stef Walter stef-l...@memberwebs.com wrote:
* Win32 using win_wsa2.dll
I assume you mean ws2_32.dll?
--
Dave Page
EnterpriseDB UK: http://www.enterprisedb.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your
Dave Page wrote:
On Mon, Sep 28, 2009 at 10:10 PM, Stef Walter stef-l...@memberwebs.com
wrote:
* Win32 using win_wsa2.dll
I assume you mean ws2_32.dll?
Yes. I get dyslexic around windows DLLs. :)
Stef
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make
On Mon, Sep 28, 2009 at 4:04 PM, Stef Walter stef-l...@memberwebs.com wrote:
Robert Haas wrote:
So is this one Ready for Committer?
Here we go, I think this one is ready. In addition to previous patches,
it does:
* Use some techniques from postfix for getting interface addresses.
Robert Haas robertmh...@gmail.com writes:
On Mon, Sep 28, 2009 at 4:04 PM, Stef Walter stef-l...@memberwebs.com wrote:
* Tested on Solaris, FreeBSD, Linux and Windows. As far as I can tell
this should also work on Mac OS, HPUX and AIX, and probably others.
This look ready to you, too? If
Robert Haas wrote:
So is this one Ready for Committer?
Here we go, I think this one is ready. In addition to previous patches,
it does:
* Use some techniques from postfix for getting interface addresses.
Couldn't use code outright, due to license incompatibilities.
* Tested on Solaris,
Whoops I missed this email...
Robert Haas wrote:
Rereading the thread, it seems that the main question is whether there
are any platforms that we support that have neither getifaddrs or
SIOCGIFCONF, or where they don't work properly.
As far as I can tell, there are no non-ancient mainstream
On Thu, Sep 24, 2009 at 8:32 PM, Stef Walter stef-l...@memberwebs.com wrote:
Magnus Hagander wrote:
On Mon, Sep 21, 2009 at 20:12, Stef Walter stef-l...@memberwebs.com wrote:
This patch does not build on Windows, the error is:
ip.obj : error LNK2019: unresolved external symbol
Robert Haas wrote:
Attached patch contains a fix.
So is this one Ready for Committer?
Not yet. Two more things to do. Will work on them early next week:
* On Solaris the ioctl used only returns IPv4 addresses.
* Don't use hard coded buffers on win32 and ioctl.
Cheers,
Stef
--
Sent
Magnus Hagander wrote:
On Mon, Sep 21, 2009 at 20:12, Stef Walter stef-l...@memberwebs.com wrote:
This patch does not build on Windows, the error is:
ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36
referenced
in function _pg_foreach_ifaddr
ip.obj : error LNK2019:
On Mon, Sep 21, 2009 at 20:12, Stef Walter stef-l...@memberwebs.com wrote:
snip
Updated in attached patch.
This patch does not build on Windows, the error is:
ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36 referenced
in function _pg_foreach_ifaddr
ip.obj : error
Magnus Hagander wrote:
On Mon, Sep 21, 2009 at 20:12, Stef Walter stef-l...@memberwebs.com wrote:
snip
Updated in attached patch.
This patch does not build on Windows, the error is:
ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36
referenced
in function
On Wed, Sep 23, 2009 at 18:41, Stef Walter stef-l...@memberwebs.com wrote:
Magnus Hagander wrote:
On Mon, Sep 21, 2009 at 20:12, Stef Walter stef-l...@memberwebs.com wrote:
snip
Updated in attached patch.
This patch does not build on Windows, the error is:
ip.obj : error LNK2019:
On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter stef-l...@memberwebs.com wrote:
Currently people are adding 0.0.0.0 to a default pg_hba.conf file in
order to allow access from nearby machines, without running into the
maintenance problems of hard coding IP addresses. However using 0.0.0.0
is
Robert Haas wrote:
On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter stef-l...@memberwebs.com
wrote:
Currently people are adding 0.0.0.0 to a default pg_hba.conf file in
order to allow access from nearby machines, without running into the
maintenance problems of hard coding IP addresses. However
On Wed, Sep 23, 2009 at 3:53 PM, Stef Walter stef-l...@memberwebs.com wrote:
Robert Haas wrote:
On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter stef-l...@memberwebs.com
wrote:
Currently people are adding 0.0.0.0 to a default pg_hba.conf file in
order to allow access from nearby machines,
Stef Walter stef-l...@memberwebs.com writes:
Allowing host names in pg_hba.conf would also solve this problem,
although the last person who tried to implement this it was a topic of
contention. I asked if I should focus on reverse DNS host names in
pg_hba.conf or portability for this samenet
If looking for representation -
I consider the default pg_hba.conf to be problematic. Newbies start with
trust access, and then do silly things to open it up.
I would use samehost, and if samenet worked the same way it does for
Postfix, I would probably use samenet. This information can be
Tom Lane wrote:
In this case what particularly scares me is the idea that 'samenet'
might be interpreted to let in a larger subnet than the user expected,
eg 10/8 instead of 10.0.0/24. You'd likely not notice the problem until
after you'd been broken into ...
I haven't looked at this
Andrew Dunstan and...@dunslane.net writes:
Tom Lane wrote:
In this case what particularly scares me is the idea that 'samenet'
might be interpreted to let in a larger subnet than the user expected,
eg 10/8 instead of 10.0.0/24. You'd likely not notice the problem until
after you'd been
On 09/23/2009 05:37 PM, Andrew Dunstan wrote:
Tom Lane wrote:
In this case what particularly scares me is the idea that 'samenet'
might be interpreted to let in a larger subnet than the user expected,
eg 10/8 instead of 10.0.0/24. You'd likely not notice the problem until
after you'd been
Mark Mielke m...@mark.mielke.cc writes:
Postfix has this capability and it works fine.
Hmm, have we looked at the Postfix code to see exactly how they do it?
I'd be a *lot* more comfortable adopting logic that's been proven in the
field than something written from scratch.
On 09/23/2009 05:40 PM, Tom Lane wrote:
I haven't looked at this feature at all, but I'd be inclined, on the
grounds you quite reasonably cite, to require a netmask with samenet,
rather than just ask the interface for its netmask.
I was just thinking the same thing. Could we then unify
Tom Lane wrote:
Mark Mielke m...@mark.mielke.cc writes:
Postfix has this capability and it works fine.
Hmm, have we looked at the Postfix code to see exactly how they do it?
I'd be a *lot* more comfortable adopting logic that's been proven in the
field than something written from scratch.
Tom Lane wrote:
Stef Walter stef-l...@memberwebs.com writes:
Allowing host names in pg_hba.conf would also solve this problem,
although the last person who tried to implement this it was a topic of
contention. I asked if I should focus on reverse DNS host names in
pg_hba.conf or portability
Stef Walter stef-l...@memberwebs.com writes:
But if you like I can add additional defensive checks in the code to
ignore those obviously invalid netmasks like /0. Basically the OS would
be giving postgres bad information. Does postgres generally try to guard
against this? I'll follow the
On Wed, Sep 23, 2009 at 7:56 PM, Stef Walter stef-l...@memberwebs.com wrote:
Tom Lane wrote:
Stef Walter stef-l...@memberwebs.com writes:
Allowing host names in pg_hba.conf would also solve this problem,
although the last person who tried to implement this it was a topic of
contention. I
Thanks for your review!
Abhijit Menon-Sen wrote:
First, it needs to be reformatted to not use a space before the opening
parentheses in (some) function calls and definitions.
Fixed in the attached patch.
*** a/doc/src/sgml/client-auth.sgml
--- b/doc/src/sgml/client-auth.sgml
[...]
I'd
On Sun, Sep 20, 2009 at 05:59, Abhijit Menon-Sen a...@toroid.org wrote:
I think the patch is more or less ready, but I have a few minor
comments:
First, it needs to be reformatted to not use a space before the opening
parentheses in (some) function calls and definitions.
***
(This is my review of the latest version of Stef Walter's samehost/net
patch, posted on 2009-09-17. See
http://archives.postgresql.org/message-id/4ab28043.3050...@memberwebs.com
for the original message.)
The patch applies and builds cleanly, and the samehost/samenet keywords
in pg_hba.conf work
32 matches
Mail list logo