On Fri, Jul 29, 2011 at 2:44 PM, Peter Eisentraut <pete...@gmx.net> wrote: > On tis, 2011-07-19 at 14:17 -0400, Robert Haas wrote: >> I think it would be less confusing to write the IP address as the main >> piece of information, and put the hostname in parentheses only if we >> accepted it as valid (i.e. we did both lookups, and everything >> matched). >> >> ERROR: no pg_hba.conf entry for host 127.0.0.1 ("localhost"), user >> "x", database "y" >> >> As for the case where we the forward lookup and reverse lookup don't >> match, could we add that as a DETAIL? >> >> ERROR: no pg_hba.conf entry for host 127.0.0.1, user "x", database "y" >> DETAIL: Forward and reverse DNS lookups do not match. > > On further reflection, the only way we would get a complete match host > name is if there actually were a line in pg_hba.conf with that host > name, but it didn't match because of other parameters. So that would be > quite rare, and so the error message would look one way or the other > depending on obscure circumstances, which would be confusing. > > But picking up on your second suggestion, I propose instead that we put > a note in the detail about the host name and what we know about it, if > we know it, e.g. > > ERROR: no pg_hba.conf entry for host 127.0.0.1, user "x", database "y" > DETAIL: Client IP address resolved to "localhost", forward lookup matches. > > I chose to use errdetail_log(), which only goes into the server log, so > we don't expose too much about the server's DNS setup to the client.
Seems reasonable. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers