From: Peter Eisentraut Date: Sun, 31 Jul 2011 15:03:43 +0000 (+0300) Subject: Add host name resolution information to pg_hba.conf error messages X-Git-Tag: REL9_2_BETA1~1340 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=8a0fa9cad9939f53f0b496d95d7e7fd9cfab0e9c;p=postgresql Add host name resolution information to pg_hba.conf error messages This is to be able to analyze issues with host names in pg_hba.conf. --- diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index d1538809f8..1b6399d91d 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -439,6 +439,17 @@ ClientAuthentication(Port *port) NULL, 0, NI_NUMERICHOST); +#define HOSTNAME_LOOKUP_DETAIL(port) \ + (port->remote_hostname \ + ? (port->remote_hostname_resolv == +1 \ + ? errdetail_log("Client IP address resolved to \"%s\", forward lookup matches.", port->remote_hostname) \ + : (port->remote_hostname_resolv == 0 \ + ? errdetail_log("Client IP address resolved to \"%s\", forward lookup not checked.", port->remote_hostname) \ + : (port->remote_hostname_resolv == -1 \ + ? errdetail_log("Client IP address resolved to \"%s\", forward lookup does not match.", port->remote_hostname) \ + : 0))) \ + : 0) + if (am_walsender) { #ifdef USE_SSL @@ -446,12 +457,14 @@ ClientAuthentication(Port *port) (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\", %s", hostinfo, port->user_name, - port->ssl ? _("SSL on") : _("SSL off")))); + port->ssl ? _("SSL on") : _("SSL off")), + HOSTNAME_LOOKUP_DETAIL(port))); #else ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\"", - hostinfo, port->user_name))); + hostinfo, port->user_name), + HOSTNAME_LOOKUP_DETAIL(port))); #endif } else @@ -462,13 +475,15 @@ ClientAuthentication(Port *port) errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\", %s", hostinfo, port->user_name, port->database_name, - port->ssl ? _("SSL on") : _("SSL off")))); + port->ssl ? _("SSL on") : _("SSL off")), + HOSTNAME_LOOKUP_DETAIL(port))); #else ereport(FATAL, (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION), errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\"", hostinfo, port->user_name, - port->database_name))); + port->database_name), + HOSTNAME_LOOKUP_DETAIL(port))); #endif } break;