From 3e32e9476f827f9ac76fa3cdb1b3767d8a69619d Mon Sep 17 00:00:00 2001
From: Bruce Momjian <bruce@momjian.us>
Date: Thu, 25 Dec 2003 03:44:05 +0000
Subject: [PATCH] Patch that makes quoting "sameuser", "samegroup", and "all"
 remove special meaning of these terms in pg_hba.conf.

Also changes ugly pg_hba.conf IPv6 netmask of
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff to ::1/128.

Andrew Dunstan
---
 src/backend/libpq/hba.c              | 37 ++++++++++++++++++++++------
 src/backend/libpq/pg_hba.conf.sample |  7 +++++-
 2 files changed, 35 insertions(+), 9 deletions(-)

diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index b1b2f343eea..ea32ead1744 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -10,7 +10,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.118 2003/12/05 15:50:31 tgl Exp $
+ *	  $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.119 2003/12/25 03:44:04 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -87,16 +87,19 @@ pg_isblank(const char c)
  *	 token or EOF, whichever comes first. If no more tokens on line,
  *	 return null string as *buf and position file to beginning of
  *	 next line or EOF, whichever comes first. Allow spaces in quoted
- *	 strings. Terminate on unquoted commas. Handle comments.
+ *	 strings. Terminate on unquoted commas. Handle comments. Treat
+ *   unquoted keywords that might be user names or database names 
+ *   specially, by appending a newline to them.
  */
 void
 next_token(FILE *fp, char *buf, const int bufsz)
 {
 	int			c;
 	char	   *start_buf = buf;
-	char	   *end_buf = buf + (bufsz - 1);
+	char	   *end_buf = buf + (bufsz - 2);
 	bool		in_quote = false;
 	bool		was_quote = false;
+	bool        saw_quote = false;
 
 	/* Move over initial whitespace and commas */
 	while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
@@ -149,7 +152,10 @@ next_token(FILE *fp, char *buf, const int bufsz)
 				was_quote = false;
 
 			if (c == '"')
+			{
 				in_quote = !in_quote;
+				saw_quote = true;
+			}
 
 			c = getc(fp);
 		}
@@ -161,7 +167,22 @@ next_token(FILE *fp, char *buf, const int bufsz)
 		if (c != EOF)
 			ungetc(c, fp);
 	}
+
+
+	if ( !saw_quote && 
+	     (
+			 strncmp(start_buf,"all",3) == 0  ||
+			 strncmp(start_buf,"sameuser",8) == 0  ||
+			 strncmp(start_buf,"samegroup",9) == 0 
+		 )
+		)
+	{
+		/* append newline to a magical keyword */
+		*buf++ = '\n';
+	}
+
 	*buf = '\0';
+
 }
 
 /*
@@ -446,7 +467,7 @@ check_user(char *user, char *param_str)
 				return true;
 		}
 		else if (strcmp(tok, user) == 0 ||
-				 strcmp(tok, "all") == 0)
+				 strcmp(tok, "all\n") == 0)
 			return true;
 	}
 
@@ -463,14 +484,14 @@ check_db(char *dbname, char *user, char *param_str)
 
 	for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
 	{
-		if (strcmp(tok, "all") == 0)
+		if (strcmp(tok, "all\n") == 0)
 			return true;
-		else if (strcmp(tok, "sameuser") == 0)
+		else if (strcmp(tok, "sameuser\n") == 0)
 		{
 			if (strcmp(dbname, user) == 0)
 				return true;
 		}
-		else if (strcmp(tok, "samegroup") == 0)
+		else if (strcmp(tok, "samegroup\n") == 0)
 		{
 			if (check_group(dbname, user))
 				return true;
@@ -1068,7 +1089,7 @@ check_ident_usermap(const char *usermap_name,
 		errmsg("cannot use Ident authentication without usermap field")));
 		found_entry = false;
 	}
-	else if (strcmp(usermap_name, "sameuser") == 0)
+	else if (strcmp(usermap_name, "sameuser\n") == 0)
 	{
 		if (strcmp(pg_user, ident_user) == 0)
 			found_entry = true;
diff --git a/src/backend/libpq/pg_hba.conf.sample b/src/backend/libpq/pg_hba.conf.sample
index f4f002b7079..bd9120676a2 100644
--- a/src/backend/libpq/pg_hba.conf.sample
+++ b/src/backend/libpq/pg_hba.conf.sample
@@ -35,6 +35,11 @@
 # encrypted passwords.  OPTION is the ident map or the name of the PAM
 # service.
 #
+# Database and user names containing spaces, commas, quotes and other special
+# characters can be quoted. Quoting one of the keywords "all", "sameuser" or
+# "samegroup"  makes the name lose its special character, and just match a 
+# database or username with that name.
+#
 # This file is read on server startup and when the postmaster receives
 # a SIGHUP signal.  If you edit the file on a running system, you have
 # to SIGHUP the postmaster for the changes to take effect, or use
@@ -59,4 +64,4 @@ local   all         all                                             trust
 # IPv4-style local connections:
 host    all         all         127.0.0.1         255.255.255.255   trust
 # IPv6-style local connections:
-host    all         all         ::1               ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        trust
+host    all         all         ::1/128                             trust
-- 
GitLab