Re: [TODO] Process pg_hba.conf keywords as case-insensitive - Mailing list pgsql-hackers
| From | Heikki Linnakangas |
|---|---|
| Subject | Re: [TODO] Process pg_hba.conf keywords as case-insensitive |
| Date | |
| Msg-id | 53F5A2D6.2050208@vmware.com Whole thread Raw |
| In response to | Re: [TODO] Process pg_hba.conf keywords as case-insensitive (Viswanatham kirankumar <viswanatham.kirankumar@huawei.com>) |
| Responses |
Re: [TODO] Process pg_hba.conf keywords as case-insensitive
|
| List | pgsql-hackers |
On 07/23/2014 09:14 AM, Viswanatham kirankumar wrote: >> On 16 July 2014 23:12, Tom Lane wrote >>> Christoph Berg <cb@df7cb.de> writes: >>> Re: Viswanatham kirankumar 2014-07-16 >>> <EC867DEF52699D4189B584A14BAA7C2165440538@blreml504-mbx.china.huawei.com> >>>> Attached patch is implementing following TODO item Process >>>> pg_hba.conf keywords as case-insensitive > >>> Hmm. I see a case for accepting "ALL" (as in hosts.allow(5)), so +1 on >>> that, but I don't think the other keywords like "host" and "peer" >>> should be valid in upper case. > >> I think the argument was that SQL users are accustomed to thinking that keywords are >> case-insensitive. It makes sense to me that we should adopt that same convention in pg_hba.conf. > >> Re-reading the original thread, there was also concern about whether >> we should try to make quoting/casefolding behave more like it does in SQL, >> specifically for matching pg_hba.conf items to SQL identifiers (database and role names). >> This patch doesn't seem to have addressed that part of it, but I think we need to think those >> things through before we just do a blind s/strcmp/pg_strcasecmp/g. Otherwise we might >> find that we've added ambiguity that will give us trouble when we do try to fix that. > > I had updated as per you review comments > > 1) database and role names behave similar to SQL identifiers (case-sensitive / case-folding). > > 2) users and user-groups only requires special handling and behavior as follows > Normal user : > A. unquoted ( USER ) will be treated as user ( downcase ). > B. quoted ( "USeR" ) will be treated as USeR (case-sensitive). > C. quoted ( "+USER" ) will be treated as normal user +USER (i.e. will not be considered as user-group) and case-sensitiveas string is quoted. > User Group : > A. unquoted ( +USERGROUP ) will be treated as +usergruop ( downcase ). > B. plus quoted ( +"UserGROUP" ) will be treated as +UserGROUP (case-sensitive). > > 3) Host name is not a SQL object so it will be treated as case-sensitive > except for all, samehost, samenet are considered as keywords. > For these user need to use quotes to differentiate between hostname and keywords. > > 4) All the fixed keywords mention in pg_hba.conf and Client Authentication section will be considered as keywords > Eg: host, local, hostssl etc.. With this patch, database (and role?) names are compared case-insensitively. For example: local MixedDB all trust local mixedDB all reject psql -d "mixedDB" psql (9.5devel) Type "help" for help. mixedDB=# That connection should've matched that 2nd line, and be rejected. PS. Please update the docs. - Heikki
pgsql-hackers by date: