From bc8624b15d8055cdead310352e5943da18500d16 Mon Sep 17 00:00:00 2001
From: Peter Eisentraut <peter_e@gmx.net>
Date: Mon, 18 Oct 2010 22:14:47 +0300
Subject: [PATCH] Support key word 'all' in host column of pg_hba.conf
---
doc/src/sgml/client-auth.sgml | 2 +-
src/backend/libpq/hba.c | 9 +++++++--
src/include/libpq/hba.h | 3 ++-
3 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index ab96af8f66d..228cfffda33 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -257,7 +257,7 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
</para>
<para>
- You can also write
+ You can also write <literal>all</literal> to match any IP address,
<literal>samehost</literal> to match any of the server's own IP
addresses, or <literal>samenet</literal> to match any address in any
subnet that the server is directly connected to.
diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index 20c86b7ea3f..17363599626 100644
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -885,8 +885,11 @@ parse_hba_line(List *line, int line_num, HbaLine *parsedline)
}
token = lfirst(line_item);
- /* Is it equal to 'samehost' or 'samenet'? */
- if (strcmp(token, "samehost\n") == 0)
+ if (strcmp(token, "all\n") == 0)
+ {
+ parsedline->ip_cmp_method = ipCmpAll;
+ }
+ else if (strcmp(token, "samehost\n") == 0)
{
/* Any IP on this host is allowed to connect */
parsedline->ip_cmp_method = ipCmpSameHost;
@@ -1503,6 +1506,8 @@ check_hba(hbaPort *port)
continue;
}
break;
+ case ipCmpAll:
+ break;
case ipCmpSameHost:
case ipCmpSameNet:
if (!check_same_host_or_net(&port->raddr,
diff --git a/src/include/libpq/hba.h b/src/include/libpq/hba.h
index eb6637f1c74..aa60d8d4f17 100644
--- a/src/include/libpq/hba.h
+++ b/src/include/libpq/hba.h
@@ -36,7 +36,8 @@ typedef enum IPCompareMethod
{
ipCmpMask,
ipCmpSameHost,
- ipCmpSameNet
+ ipCmpSameNet,
+ ipCmpAll
} IPCompareMethod;
typedef enum ConnType
--
GitLab