distinguish between all and "all" in pg_hba.conf - Mailing list pgsql-patches

From Andrew Dunstan
Subject distinguish between all and "all" in pg_hba.conf
Date
Msg-id 3FE31A37.6080608@dunslane.net
Whole thread Raw
Responses Re: distinguish between all and "all" in pg_hba.conf
List pgsql-patches
Tom Lane wrote:

>Andrew Dunstan <andrew@dunslane.net> writes:
>
>
>>The minimal disturbance change might be to teach the parser to
>>distinguish between a quoted 'all' and an unquoted 'all', and forget the
>>'*' idea.
>>
>>
>
>Probably we ought to go with that, on backwards-compatibility grounds.
>
>
>

OK, here's the patch. Should we also do this for "sameuser" and
"samegroup" for the sake of completness?

cheers

andrew
Index: hba.c
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/hba.c,v
retrieving revision 1.118
diff -c -w -r1.118 hba.c
*** hba.c    5 Dec 2003 15:50:31 -0000    1.118
--- hba.c    19 Dec 2003 15:26:18 -0000
***************
*** 97,102 ****
--- 97,103 ----
      char       *end_buf = buf + (bufsz - 1);
      bool        in_quote = false;
      bool        was_quote = false;
+     bool        saw_quote = false;

      /* Move over initial whitespace and commas */
      while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
***************
*** 149,155 ****
--- 150,159 ----
                  was_quote = false;

              if (c == '"')
+             {
                  in_quote = !in_quote;
+                 saw_quote = true;
+             }

              c = getc(fp);
          }
***************
*** 161,167 ****
--- 165,179 ----
          if (c != EOF)
              ungetc(c, fp);
      }
+
+
+     /* append newline to a magical "all" */
+
+     if ( !saw_quote && strncmp(start_buf,"all",3) == 0 )
+         *buf++ = '\n';
+
      *buf = '\0';
+
  }

  /*
***************
*** 446,452 ****
                  return true;
          }
          else if (strcmp(tok, user) == 0 ||
!                  strcmp(tok, "all") == 0)
              return true;
      }

--- 458,464 ----
                  return true;
          }
          else if (strcmp(tok, user) == 0 ||
!                  strcmp(tok, "all\n") == 0)
              return true;
      }

***************
*** 463,469 ****

      for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
      {
!         if (strcmp(tok, "all") == 0)
              return true;
          else if (strcmp(tok, "sameuser") == 0)
          {
--- 475,481 ----

      for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
      {
!         if (strcmp(tok, "all\n") == 0)
              return true;
          else if (strcmp(tok, "sameuser") == 0)
          {
Index: pg_hba.conf.sample
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.47
diff -c -w -r1.47 pg_hba.conf.sample
*** pg_hba.conf.sample    13 Sep 2003 16:43:38 -0000    1.47
--- pg_hba.conf.sample    19 Dec 2003 15:26:18 -0000
***************
*** 35,40 ****
--- 35,44 ----
  # encrypted passwords.  OPTION is the ident map or the name of the PAM
  # service.
  #
+ # Database and user names containing spaces, commas, quotes and other special
+ # characters can be quoted. Quoting "all" makes the name lose its special
+ # character, and just match a database or username called "all".
+ #
  # This file is read on server startup and when the postmaster receives
  # a SIGHUP signal.  If you edit the file on a running system, you have
  # to SIGHUP the postmaster for the changes to take effect, or use
***************
*** 59,62 ****
  # IPv4-style local connections:
  host    all         all         127.0.0.1         255.255.255.255   trust
  # IPv6-style local connections:
! host    all         all         ::1               ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        trust
--- 63,66 ----
  # IPv4-style local connections:
  host    all         all         127.0.0.1         255.255.255.255   trust
  # IPv6-style local connections:
! host    all         all         ::1/128                             trust

pgsql-patches by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: [GENERAL] restore error - language "plperlu" is not trusted
Next
From: Andrew Dunstan
Date:
Subject: Re: distinguish between all and "all" in pg_hba.conf