Joshua D. Drake wrote:
Hello,
Per the TODO list:
Allow pg_hba.conf to specify host names along with IP addresses
Host name lookup could occur when the postmaster reads the pg_hba.conf
file, or when the backend starts. Another solution would be to reverse
lookup the connection IP and check that hostname against the host names
in pg_hba.conf. We could also then check that the host name maps to the
IP address.
I was considering trying to attack this for 8.3. My thoughts are the
following:
Allow one to specify a FQDN or a simple wild card DN. E.g;
*.commandprompt.com.
A valid entry would look like this:
host all all *.commandprompt.com trust
host all all www1.postgresql.org md5
Before we rehearse the discussion we had in June again, please review
it. It ended on these sensible words from Tom at
http://archives.postgresql.org/pgsql-hackers/2006-02/msg00550.php :
> Personally, I doubt there's any great use case for DNS names. Like Tom
> says, if it involves much more that removing the AI_NUMERICHOST hint
> then let's forget it.
Perhaps more to the point: let's do that and wait to see if the field
demand justifies expending lots of sweat on anything smarter. Given
that we've gone this long with only allowing numeric IPs in pg_hba.conf,
I suspect we'll find that few people really care.
cheers
andrew
---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings
