diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index ab96af8f66da24e2f3a6e83b6ec178511b4d250c..228cfffda3372aadba2cc1c972a38411cb8eda5c 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -257,7 +257,7 @@ hostnossl  <replaceable>database</replaceable>  <replaceable>user</replaceable>
       </para>
 
       <para>
-       You can also write
+       You can also write <literal>all</literal> to match any IP address,
        <literal>samehost</literal> to match any of the server's own IP
        addresses, or <literal>samenet</literal> to match any address in any
        subnet that the server is directly connected to.
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 20c86b7ea3f8503e1c2f48fe924202de2020eebd..173635996268c659ee9b14f0033a17316eb1e246 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -885,8 +885,11 @@ parse_hba_line(List *line, int line_num, HbaLine *parsedline)
 		}
 		token = lfirst(line_item);
 
-		/* Is it equal to 'samehost' or 'samenet'? */
-		if (strcmp(token, "samehost\n") == 0)
+		if (strcmp(token, "all\n") == 0)
+		{
+			parsedline->ip_cmp_method = ipCmpAll;
+		}
+		else if (strcmp(token, "samehost\n") == 0)
 		{
 			/* Any IP on this host is allowed to connect */
 			parsedline->ip_cmp_method = ipCmpSameHost;
@@ -1503,6 +1506,8 @@ check_hba(hbaPort *port)
 							continue;
 					}
 					break;
+				case ipCmpAll:
+					break;
 				case ipCmpSameHost:
 				case ipCmpSameNet:
 					if (!check_same_host_or_net(&port->raddr,
diff --git a/src/include/libpq/hba.h b/src/include/libpq/hba.h
index eb6637f1c74854181c0e44c849d1094a5ac61e0f..aa60d8d4f1741e0d7ff97bbc8d0f9e74aed207a1 100644
--- a/src/include/libpq/hba.h
+++ b/src/include/libpq/hba.h
@@ -36,7 +36,8 @@ typedef enum IPCompareMethod
 {
 	ipCmpMask,
 	ipCmpSameHost,
-	ipCmpSameNet
+	ipCmpSameNet,
+	ipCmpAll
 } IPCompareMethod;
 
 typedef enum ConnType