CIDR in pg_hba.conf - Mailing list pgsql-hackers

From Andrew Dunstan
Subject CIDR in pg_hba.conf
Date
Msg-id 00ac01c3149f$af241940$6401a8c0@DUNSLANE
Whole thread Raw
Responses Re: CIDR in pg_hba.conf
Re: CIDR in pg_hba.conf
Re: CIDR in pg_hba.conf
List pgsql-hackers
Looking through the TODO list I noticed this item apparently unclaimed:

*  Allow CIDR format to be used in pg_hba.conf

I can look at doing this, having done similar code some years ago.

Internally, it seems the best thing to do would be to turn the /nn into a
conventional netmask of the right family. I guess I'd add a utility routine
to ip.c for that.

The syntax for pg_hba.conf would change slightly, to allow these forms:

host    database  user  CIDR-address  authentication-method
[authentication-option]
hostssl  database  user  CIDR-address  authentication-method
[authentication-option]

So in hba.c, if we found a / in the IP address, we wouldn't go looking for a
separate netmask field.

cheers

andrew



pgsql-hackers by date:

Previous
From: "Jim C. Nasby"
Date:
Subject: Re: [PERFORM] Hypothetical suggestions for planner, indexing improvement
Next
From: Tom Lane
Date:
Subject: Re: 7.4 features list