On 07/23/2014 09:14 AM, Viswanatham kirankumar wrote:
On 16 July 2014 23:12, Tom Lane wrote
Christoph Berg <c...@df7cb.de> writes:
Re: Viswanatham kirankumar 2014-07-16
Attached patch is implementing following TODO item Process
pg_hba.conf keywords as case-insensitive

Hmm. I see a case for accepting "ALL" (as in hosts.allow(5)), so +1 on
that, but I don't think the other keywords like "host" and "peer"
should be valid in upper case.

I think the argument was that SQL users are accustomed to thinking that 
keywords are
case-insensitive.  It makes sense to me that we should adopt that same 
convention in pg_hba.conf.

Re-reading the original thread, there was also concern about whether
we should try to make quoting/casefolding behave more like it does in SQL,
specifically for matching pg_hba.conf items to SQL identifiers (database and 
role names).
This patch doesn't seem to have addressed that part of it, but I think we need 
to think those
things through before we just do a blind s/strcmp/pg_strcasecmp/g.  Otherwise 
we might
find that we've added ambiguity that will give us trouble when we do try to fix 

I had updated as per you review comments

1) database and role names behave similar to SQL identifiers (case-sensitive / 

2) users and user-groups only requires special handling and behavior as follows
     Normal user :
       A. unquoted ( USER ) will be treated as user ( downcase ).
       B. quoted  ( "USeR" )  will be treated as USeR (case-sensitive).
       C. quoted ( "+USER" ) will be treated as normal user +USER (i.e. will 
not be considered as user-group) and case-sensitive as string is quoted.
    User Group :
       A. unquoted ( +USERGROUP ) will be treated as +usergruop ( downcase ).
       B. plus quoted ( +"UserGROUP"  ) will be treated as +UserGROUP 

3) Host name is not a SQL object so it will be treated as case-sensitive
    except for all, samehost, samenet are considered as keywords.
    For these user need to use quotes to differentiate between hostname and 

4) All the fixed keywords mention in pg_hba.conf and Client Authentication 
section will be considered as keywords
     Eg: host, local, hostssl etc..

With this patch, database (and role?) names are compared case-insensitively. For example:

local  MixedDB all trust
local  mixedDB all reject

psql -d "mixedDB"
psql (9.5devel)
Type "help" for help.


That connection should've matched that 2nd line, and be rejected.

PS. Please update the docs.

- Heikki

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to