On Wed, Jan 28, 2015 at 04:10:42PM -0500, Tom Lane wrote:
> David Fetter <david@fetter.org> writes:
> > While investigating another project, namely adding pg_hba.conf support
> > to pgbouncer, I ran into a stumbling block others probably will, too:
> > the hba code is backend-only, which means that if I were to do this
> > as-is, I would be cooking a batch of very unappetizing copypasta.
>
> > I'm allergic to copypasta, so unless there are big objections, I'd
> > like to export those functions to make hba available to other code.
>
> How exactly would exporting those functions help anything client-side?
Right now, pgbouncer, and aspirational things like it--other
connection poolers, maybe distributed transaction managers, etc.--can
fairly easily act almost like a direct connection to PostgreSQL,
except for some important exceptions. One that's cropped up several
times is the ability to gate auth by network and user, that being what
pg_hba.conf allows.
A conversation with Andrew Dunstan since I posted convinced me that
the amount of work to separate this cleanly and have it perform
somewhere in the close range of as well as it does now could be pretty
significant.
Cheers,
David.
--
David Fetter <david@fetter.org> http://fetter.org/
Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter
Skype: davidfetter XMPP: david.fetter@gmail.com
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate
