I wrote:

Tom Lane wrote:

Andrew Dunstan <[EMAIL PROTECTED]> writes:


The minimal disturbance change might be to teach the parser to distinguish between a quoted 'all' and an unquoted 'all', and forget the '*' idea.


Probably we ought to go with that, on backwards-compatibility grounds.




OK, here's the patch. Should we also do this for "sameuser" and "samegroup" for the sake of completness?



Revised patch for this as suggested by Tom.


cheers

andrew

Index: hba.c
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/hba.c,v
retrieving revision 1.118
diff -c -w -r1.118 hba.c
*** hba.c       5 Dec 2003 15:50:31 -0000       1.118
--- hba.c       19 Dec 2003 17:42:20 -0000
***************
*** 87,102 ****
   *     token or EOF, whichever comes first. If no more tokens on line,
   *     return null string as *buf and position file to beginning of
   *     next line or EOF, whichever comes first. Allow spaces in quoted
!  *     strings. Terminate on unquoted commas. Handle comments.
   */
  void
  next_token(FILE *fp, char *buf, const int bufsz)
  {
        int                     c;
        char       *start_buf = buf;
!       char       *end_buf = buf + (bufsz - 1);
        bool            in_quote = false;
        bool            was_quote = false;
  
        /* Move over initial whitespace and commas */
        while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
--- 87,105 ----
   *     token or EOF, whichever comes first. If no more tokens on line,
   *     return null string as *buf and position file to beginning of
   *     next line or EOF, whichever comes first. Allow spaces in quoted
!  *     strings. Terminate on unquoted commas. Handle comments. Treat
!  *   unquoted keywords that might be user names or database names 
!  *   specially, by appending a newline to them.
   */
  void
  next_token(FILE *fp, char *buf, const int bufsz)
  {
        int                     c;
        char       *start_buf = buf;
!       char       *end_buf = buf + (bufsz - 2);
        bool            in_quote = false;
        bool            was_quote = false;
+       bool        saw_quote = false;
  
        /* Move over initial whitespace and commas */
        while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
***************
*** 149,155 ****
--- 152,161 ----
                                was_quote = false;
  
                        if (c == '"')
+                       {
                                in_quote = !in_quote;
+                               saw_quote = true;
+                       }
  
                        c = getc(fp);
                }
***************
*** 161,167 ****
--- 167,188 ----
                if (c != EOF)
                        ungetc(c, fp);
        }
+ 
+ 
+       if ( !saw_quote && 
+            (
+                        strncmp(start_buf,"all",3) == 0  ||
+                        strncmp(start_buf,"sameuser",8) == 0  ||
+                        strncmp(start_buf,"samegroup",9) == 0 
+                )
+               )
+       {
+               /* append newline to a magical keyword */
+               *buf++ = '\n';
+       }
+ 
        *buf = '\0';
+ 
  }
  
  /*
***************
*** 446,452 ****
                                return true;
                }
                else if (strcmp(tok, user) == 0 ||
!                                strcmp(tok, "all") == 0)
                        return true;
        }
  
--- 467,473 ----
                                return true;
                }
                else if (strcmp(tok, user) == 0 ||
!                                strcmp(tok, "all\n") == 0)
                        return true;
        }
  
***************
*** 463,476 ****
  
        for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, 
MULTI_VALUE_SEP))
        {
!               if (strcmp(tok, "all") == 0)
                        return true;
!               else if (strcmp(tok, "sameuser") == 0)
                {
                        if (strcmp(dbname, user) == 0)
                                return true;
                }
!               else if (strcmp(tok, "samegroup") == 0)
                {
                        if (check_group(dbname, user))
                                return true;
--- 484,497 ----
  
        for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, 
MULTI_VALUE_SEP))
        {
!               if (strcmp(tok, "all\n") == 0)
                        return true;
!               else if (strcmp(tok, "sameuser\n") == 0)
                {
                        if (strcmp(dbname, user) == 0)
                                return true;
                }
!               else if (strcmp(tok, "samegroup\n") == 0)
                {
                        if (check_group(dbname, user))
                                return true;
***************
*** 1068,1074 ****
                errmsg("cannot use Ident authentication without usermap field")));
                found_entry = false;
        }
!       else if (strcmp(usermap_name, "sameuser") == 0)
        {
                if (strcmp(pg_user, ident_user) == 0)
                        found_entry = true;
--- 1089,1095 ----
                errmsg("cannot use Ident authentication without usermap field")));
                found_entry = false;
        }
!       else if (strcmp(usermap_name, "sameuser\n") == 0)
        {
                if (strcmp(pg_user, ident_user) == 0)
                        found_entry = true;
Index: pg_hba.conf.sample
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.47
diff -c -w -r1.47 pg_hba.conf.sample
*** pg_hba.conf.sample  13 Sep 2003 16:43:38 -0000      1.47
--- pg_hba.conf.sample  19 Dec 2003 17:42:20 -0000
***************
*** 35,40 ****
--- 35,45 ----
  # encrypted passwords.  OPTION is the ident map or the name of the PAM
  # service.
  #
+ # Database and user names containing spaces, commas, quotes and other special
+ # characters can be quoted. Quoting one of the keywords "all", "sameuser" or
+ # "samegroup"  makes the name lose its special character, and just match a 
+ # database or username with that name.
+ #
  # This file is read on server startup and when the postmaster receives
  # a SIGHUP signal.  If you edit the file on a running system, you have
  # to SIGHUP the postmaster for the changes to take effect, or use
***************
*** 59,62 ****
  # IPv4-style local connections:
  host    all         all         127.0.0.1         255.255.255.255   trust
  # IPv6-style local connections:
! host    all         all         ::1               
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        trust
--- 64,67 ----
  # IPv4-style local connections:
  host    all         all         127.0.0.1         255.255.255.255   trust
  # IPv6-style local connections:
! host    all         all         ::1/128                             trust

---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster

Reply via email to