On Fri, Apr 28, 2017 at 4:54 PM, Kyotaro HORIGUCHI
<horiguchi.kyotaro@lab.ntt.co.jp> wrote:
> I noticed that the precedence between host and hostaddr in a
> connection string is reversed in regard to .pgpass lookup in
> devel.
>
> For example the following connection string uses a .pgpass entry
> with "127.0.0.1", not "hoge".
>
> "host=hoge hostaddr=127.0.0.1 port=5432 dbname=postgres"
>
>
> This change was introdueced by the commit
> 274bb2b3857cc987cfa21d14775cae9b0dababa5 and the current behavior
> contradicts the documentation.
>
> https://www.postgresql.org/docs/devel/static/libpq-connect.html
>
>> hostaddr
>> ...
>> Note that authentication is likely to fail if host is not the
>> name of the server at network address hostaddr. Also, note that
>> host rather than hostaddr is used to identify the connection in
>> a password file (see Section 33.15, “The Password File”).
>
> I think this should be fixed for the same reason with the
> following commit.
I am planning to look at your patch more closely, but thinking how
painful it is going to be to check your patch, I think that it would
be a good idea to have a TAP test for pgpass in
src/test/authentication/ to be sure that this never breaks again in
the future. We cannot test all combinations as servers only listen to
unix domains but surely we can get some coverage with libpq.
--
Michael
