Patch that makes quoting "sameuser", "samegroup", and "all" remove

special meaning of these terms in pg_hba.conf.

Also changes ugly pg_hba.conf IPv6 netmask of
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff to ::1/128.

Andrew Dunstan

diff --git a/src/backend/libpq/hba.c b/src/backend/libpq/hba.c
index b1b2f343eea1b1bd2864da633564838181887caa..ea32ead174459dc5aa3b5c786949e01180b73e26 100644 (file)
--- a/src/backend/libpq/hba.c
+++ b/src/backend/libpq/hba.c
@@ -10,7 +10,7 @@
  *
  *
  * IDENTIFICATION
- *       $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.118 2003/12/05 15:50:31 tgl Exp $
+ *       $PostgreSQL: pgsql/src/backend/libpq/hba.c,v 1.119 2003/12/25 03:44:04 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -87,16 +87,19 @@ pg_isblank(const char c)
  *      token or EOF, whichever comes first. If no more tokens on line,
  *      return null string as *buf and position file to beginning of
  *      next line or EOF, whichever comes first. Allow spaces in quoted
- *      strings. Terminate on unquoted commas. Handle comments.
+ *      strings. Terminate on unquoted commas. Handle comments. Treat
+ *   unquoted keywords that might be user names or database names 
+ *   specially, by appending a newline to them.
  */
 void
 next_token(FILE *fp, char *buf, const int bufsz)
 {
        int                     c;
        char       *start_buf = buf;
-       char       *end_buf = buf + (bufsz - 1);
+       char       *end_buf = buf + (bufsz - 2);
        bool            in_quote = false;
        bool            was_quote = false;
+       bool        saw_quote = false;
 
        /* Move over initial whitespace and commas */
        while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
@@ -149,7 +152,10 @@ next_token(FILE *fp, char *buf, const int bufsz)
                                was_quote = false;
 
                        if (c == '"')
+                       {
                                in_quote = !in_quote;
+                               saw_quote = true;
+                       }
 
                        c = getc(fp);
                }
@@ -161,7 +167,22 @@ next_token(FILE *fp, char *buf, const int bufsz)
                if (c != EOF)
                        ungetc(c, fp);
        }
+
+
+       if ( !saw_quote && 
+            (
+                        strncmp(start_buf,"all",3) == 0  ||
+                        strncmp(start_buf,"sameuser",8) == 0  ||
+                        strncmp(start_buf,"samegroup",9) == 0 
+                )
+               )
+       {
+               /* append newline to a magical keyword */
+               *buf++ = '\n';
+       }
+
        *buf = '\0';
+
 }
 
 /*
@@ -446,7 +467,7 @@ check_user(char *user, char *param_str)
                                return true;
                }
                else if (strcmp(tok, user) == 0 ||
-                                strcmp(tok, "all") == 0)
+                                strcmp(tok, "all\n") == 0)
                        return true;
        }
 
@@ -463,14 +484,14 @@ check_db(char *dbname, char *user, char *param_str)
 
        for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
        {
-               if (strcmp(tok, "all") == 0)
+               if (strcmp(tok, "all\n") == 0)
                        return true;
-               else if (strcmp(tok, "sameuser") == 0)
+               else if (strcmp(tok, "sameuser\n") == 0)
                {
                        if (strcmp(dbname, user) == 0)
                                return true;
                }
-               else if (strcmp(tok, "samegroup") == 0)
+               else if (strcmp(tok, "samegroup\n") == 0)
                {
                        if (check_group(dbname, user))
                                return true;
@@ -1068,7 +1089,7 @@ check_ident_usermap(const char *usermap_name,
                errmsg("cannot use Ident authentication without usermap field")));
                found_entry = false;
        }
-       else if (strcmp(usermap_name, "sameuser") == 0)
+       else if (strcmp(usermap_name, "sameuser\n") == 0)
        {
                if (strcmp(pg_user, ident_user) == 0)
                        found_entry = true;

diff --git a/src/backend/libpq/pg_hba.conf.sample b/src/backend/libpq/pg_hba.conf.sample
index f4f002b707966bff77e034c8bce3623ade767b8d..bd9120676a2171c2ec7b3971519cf6130f6f3b95 100644 (file)
--- a/src/backend/libpq/pg_hba.conf.sample
+++ b/src/backend/libpq/pg_hba.conf.sample
@@ -35,6 +35,11 @@
 # encrypted passwords.  OPTION is the ident map or the name of the PAM
 # service.
 #
+# Database and user names containing spaces, commas, quotes and other special
+# characters can be quoted. Quoting one of the keywords "all", "sameuser" or
+# "samegroup"  makes the name lose its special character, and just match a 
+# database or username with that name.
+#
 # This file is read on server startup and when the postmaster receives
 # a SIGHUP signal.  If you edit the file on a running system, you have
 # to SIGHUP the postmaster for the changes to take effect, or use
@@ -59,4 +64,4 @@ local   all         all                                             trust
 # IPv4-style local connections:
 host    all         all         127.0.0.1         255.255.255.255   trust
 # IPv6-style local connections:
-host    all         all         ::1               ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff        trust
+host    all         all         ::1/128                             trust