On 07/23/2014 09:14 AM, Viswanatham kirankumar wrote:
On 16 July 2014 23:12, Tom Lane wrote
Christoph Berg <c...@df7cb.de> writes:
Re: Viswanatham kirankumar 2014-07-16
Attached patch is implementing following TODO item Process
pg_hba.conf keywords as case-insensitive
Hmm. I see a case for accepting "ALL" (as in hosts.allow(5)), so +1 on
that, but I don't think the other keywords like "host" and "peer"
should be valid in upper case.
I think the argument was that SQL users are accustomed to thinking that
case-insensitive. It makes sense to me that we should adopt that same
convention in pg_hba.conf.
Re-reading the original thread, there was also concern about whether
we should try to make quoting/casefolding behave more like it does in SQL,
specifically for matching pg_hba.conf items to SQL identifiers (database and
This patch doesn't seem to have addressed that part of it, but I think we need
to think those
things through before we just do a blind s/strcmp/pg_strcasecmp/g. Otherwise
find that we've added ambiguity that will give us trouble when we do try to fix
I had updated as per you review comments
1) database and role names behave similar to SQL identifiers (case-sensitive /
2) users and user-groups only requires special handling and behavior as follows
Normal user :
A. unquoted ( USER ) will be treated as user ( downcase ).
B. quoted ( "USeR" ) will be treated as USeR (case-sensitive).
C. quoted ( "+USER" ) will be treated as normal user +USER (i.e. will
not be considered as user-group) and case-sensitive as string is quoted.
User Group :
A. unquoted ( +USERGROUP ) will be treated as +usergruop ( downcase ).
B. plus quoted ( +"UserGROUP" ) will be treated as +UserGROUP
3) Host name is not a SQL object so it will be treated as case-sensitive
except for all, samehost, samenet are considered as keywords.
For these user need to use quotes to differentiate between hostname and
4) All the fixed keywords mention in pg_hba.conf and Client Authentication
section will be considered as keywords
Eg: host, local, hostssl etc..
With this patch, database (and role?) names are compared
case-insensitively. For example:
local MixedDB all trust
local mixedDB all reject
psql -d "mixedDB"
Type "help" for help.
That connection should've matched that 2nd line, and be rejected.
PS. Please update the docs.
Sent via pgsql-hackers mailing list (firstname.lastname@example.org)
To make changes to your subscription: