
distinguish between all and "all" in pg_hba.conf

comp.databases.postgresql.patches


#1
Andrew Dunstan
distinguish between all and "all" in pg_hba.conf - 12-19-2003, 09:33 AM






Tom Lane wrote:

Quote:
Andrew Dunstan <andrew (AT) dunslane (DOT) net> writes:


The minimal disturbance change might be to teach the parser to
distinguish between a quoted 'all' and an unquoted 'all', and forget the
'*' idea.



Probably we ought to go with that, on backwards-compatibility grounds.



OK, here's the patch. Should we also do this for "sameuser" and
"samegroup" for the sake of completeness?

cheers

andrew

Index: hba.c
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/hba.c,v
retrieving revision 1.118
diff -c -w -r1.118 hba.c
*** hba.c 5 Dec 2003 15:50:31 -0000 1.118
--- hba.c 19 Dec 2003 15:26:18 -0000
***************
*** 97,102 ****
--- 97,103 ----
char *end_buf = buf + (bufsz - 1);
bool in_quote = false;
bool was_quote = false;
+ bool saw_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
***************
*** 149,155 ****
--- 150,159 ----
was_quote = false;

if (c == '"')
+ {
in_quote = !in_quote;
+ saw_quote = true;
+ }

c = getc(fp);
}
***************
*** 161,167 ****
--- 165,179 ----
if (c != EOF)
ungetc(c, fp);
}
+
+
+ /* append newline to a magical "all" */
+
+ if ( !saw_quote && strncmp(start_buf,"all",3) == 0 )
+ *buf++ = '\n';
+
*buf = '\0';
+
}

/*
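Review bot: the added `*buf++ = '\n';` ahead of `*buf = '\0';` writes one byte more than the token itself, but `end_buf` in the first hunk is still `buf + (bufsz - 1)`, which leaves room for the terminator only. If the copy loop (not shown in this hunk) can fill the buffer up to `end_buf`, a maximum-length token beginning with "all" puts the terminator one byte past the end of the caller's buffer. Reserve two bytes (`bufsz - 2`) or check `buf < end_buf` before appending the marker.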
***************
*** 446,452 ****
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all") == 0)
return true;
}

--- 458,464 ----
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all\n") == 0)
return true;
}
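Review bot: the marker literal `"all\n"` on the changed line has to stay in step with the `'\n'` that next_token appends, and the same literal is repeated in the next hunk; a shared macro for the marked keyword would keep the tokenizer and both comparisons from drifting apart. A short comment here that a trailing newline means "unquoted keyword" would also help, since `strcmp(tok, user)` right beside it compares plain names.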

***************
*** 463,469 ****

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all") == 0)
return true;
else if (strcmp(tok, "sameuser") == 0)
{
--- 475,481 ----

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all\n") == 0)
return true;
else if (strcmp(tok, "sameuser") == 0)
{
Index: pg_hba.conf.sample
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.47
diff -c -w -r1.47 pg_hba.conf.sample
*** pg_hba.conf.sample 13 Sep 2003 16:43:38 -0000 1.47
--- pg_hba.conf.sample 19 Dec 2003 15:26:18 -0000
***************
*** 35,40 ****
--- 35,44 ----
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
+ # Database and user names containing spaces, commas, quotes and other special
+ # characters can be quoted. Quoting "all" makes the name lose its special
+ # character, and just match a database or username called "all".
+ #
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
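Review bot: "lose its special character" in the added comment reads as though a character is being dropped; "lose its special meaning" says what is intended. The first added sentence says "user names" and the second "username", so pick one spelling.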
***************
*** 59,62 ****
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
--- 63,66 ----
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1/128 trust
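Review bot: the `::1/128` change on the last line is unrelated to keyword quoting and is not mentioned in the message; it would be easier to review and to revert as its own patch, or at least with a line in the description. The IPv4 entry just above keeps the address-plus-netmask form, so the two sample lines now use different notations.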


---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings



#2
Andrew Dunstan
Re: distinguish between all and "all" in pg_hba.conf - 12-19-2003, 11:50 AM






I wrote:

Quote:
Tom Lane wrote:

Andrew Dunstan <andrew (AT) dunslane (DOT) net> writes:


The minimal disturbance change might be to teach the parser to
distinguish between a quoted 'all' and an unquoted 'all', and forget
the '*' idea.



Probably we ought to go with that, on backwards-compatibility grounds.




OK, here's the patch. Should we also do this for "sameuser" and
"samegroup" for the sake of completeness?


Revised patch for this as suggested by Tom.

cheers

andrew


Index: hba.c
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/hba.c,v
retrieving revision 1.118
diff -c -w -r1.118 hba.c
*** hba.c 5 Dec 2003 15:50:31 -0000 1.118
--- hba.c 19 Dec 2003 17:42:20 -0000
***************
*** 87,102 ****
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
! * strings. Terminate on unquoted commas. Handle comments.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
! char *end_buf = buf + (bufsz - 1);
bool in_quote = false;
bool was_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
--- 87,105 ----
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
! * strings. Terminate on unquoted commas. Handle comments. Treat
! * unquoted keywords that might be user names or database names
! * specially, by appending a newline to them.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
! char *end_buf = buf + (bufsz - 2);
bool in_quote = false;
bool was_quote = false;
+ bool saw_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
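Review bot: `bufsz - 2` on the changed `end_buf` line is a bare magic number; a trailing comment that the extra byte is reserved for the keyword marker would stop someone from later "fixing" it back to `bufsz - 1`. The header comment above also says "unquoted keywords" without naming them; listing all, sameuser and samegroup there keeps it in step with the test added further down.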
***************
*** 149,155 ****
--- 152,161 ----
was_quote = false;

if (c == '"')
+ {
in_quote = !in_quote;
+ saw_quote = true;
+ }

c = getc(fp);
}
***************
*** 161,167 ****
--- 167,188 ----
if (c != EOF)
ungetc(c, fp);
}
+
+
+ if ( !saw_quote &&
+ (
+ strncmp(start_buf,"all",3) == 0 ||
+ strncmp(start_buf,"sameuser",8) == 0 ||
+ strncmp(start_buf,"samegroup",9) == 0
+ )
+ )
+ {
+ /* append newline to a magical keyword */
+ *buf++ = '\n';
+ }
+
*buf = '\0';
+
}

/*
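Review bot: the three `strncmp` calls in the added block compare only a prefix, so an unquoted name such as allen or sameuser2 also gets the newline appended and can then no longer equal the real name in `strcmp(tok, user)`. Write the terminator first, compare the whole token with `strcmp`, and only then append the marker. The test is also applied to every token regardless of which field it belongs to, which the later hunks have to account for.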
***************
*** 446,452 ****
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all") == 0)
return true;
}

--- 467,473 ----
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all\n") == 0)
return true;
}

***************
*** 463,476 ****

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all") == 0)
return true;
! else if (strcmp(tok, "sameuser") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
! else if (strcmp(tok, "samegroup") == 0)
{
if (check_group(dbname, user))
return true;
--- 484,497 ----

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all\n") == 0)
return true;
! else if (strcmp(tok, "sameuser\n") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
! else if (strcmp(tok, "samegroup\n") == 0)
{
if (check_group(dbname, user))
return true;
***************
*** 1068,1074 ****
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
! else if (strcmp(usermap_name, "sameuser") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;
--- 1089,1095 ----
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
! else if (strcmp(usermap_name, "sameuser\n") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;
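Review bot: comparing `usermap_name` with `"sameuser\n"` extends the quoted-versus-unquoted rule to the ident map field, but the text added to pg_hba.conf.sample speaks only of database and user names. Either document that a quoted "sameuser" in the OPTION column now names an ordinary map, or say why that is not worth mentioning. The comparison also only works if usermap_name always comes out of next_token; a comment to that effect would help.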
Index: pg_hba.conf.sample
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.47
diff -c -w -r1.47 pg_hba.conf.sample
*** pg_hba.conf.sample 13 Sep 2003 16:43:38 -0000 1.47
--- pg_hba.conf.sample 19 Dec 2003 17:42:20 -0000
***************
*** 35,40 ****
--- 35,45 ----
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
+ # Database and user names containing spaces, commas, quotes and other special
+ # characters can be quoted. Quoting one of the keywords "all", "sameuser" or
+ # "samegroup" makes the name lose its special character, and just match a
+ # database or username with that name.
+ #
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
***************
*** 59,62 ****
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
--- 64,67 ----
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1/128 trust


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
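The distinction the thread settles on, an unquoted all as the keyword and a quoted "all" as an ordinary name, shown as a stand-alone sketch. This is an added example, not PostgreSQL's hba.c: `next_field`, `line_allows_db` and `KW_MARK` are hypothetical names, each field is assumed to hold a single name, and the keyword test compares the whole token.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* '\n' can never be part of a name read from a single line, so it is a safe
 * in-band marker for "this token was an unquoted keyword". */
#define KW_MARK "\n"

static bool is_keyword(const char *s)
{
    return strcmp(s, "all") == 0 || strcmp(s, "sameuser") == 0 ||
           strcmp(s, "samegroup") == 0;
}

/* Copy the next whitespace-delimited token of *line into buf. Double quotes
 * group characters and are dropped. Returns false when no token is left. */
bool next_field(const char **line, char *buf, size_t bufsz)
{
    const char *p = *line;
    char *out = buf;
    char *end = buf + bufsz - 2;        /* reserve marker + terminator */
    bool in_quote = false, saw_quote = false;

    while (*p == ' ' || *p == '\t')
        p++;
    for (; *p != '\0' && *p != '\n'; p++)
    {
        if (*p == '"') { in_quote = !in_quote; saw_quote = true; }
        else if (!in_quote && (*p == ' ' || *p == '\t'))
            break;
        else if (out < end)
            *out++ = *p;
    }
    *out = '\0';
    /* Terminate first, then compare the whole token, so "allen" is a name. */
    if (!saw_quote && is_keyword(buf))
        strcat(buf, KW_MARK);
    *line = p;
    return saw_quote || buf[0] != '\0';
}

/* Decide whether the database field (second token) of a rule line covers
 * dbname for this user; samegroup is marked but not evaluated here. */
bool line_allows_db(const char *line, const char *dbname, const char *user)
{
    char tok[64];
    if (!next_field(&line, tok, sizeof tok) ||      /* connection type */
        !next_field(&line, tok, sizeof tok))        /* database field */
        return false;
    if (strcmp(tok, "all" KW_MARK) == 0)
        return true;
    if (strcmp(tok, "sameuser" KW_MARK) == 0)
        return strcmp(dbname, user) == 0;
    return strcmp(tok, dbname) == 0;
}

int main(void)
{
    /* Constructed rule lines, not taken from a real configuration. */
    printf("%d\n", line_allows_db("host all all 127.0.0.1/32 trust", "sales", "bob"));
    printf("%d\n", line_allows_db("host \"all\" all 127.0.0.1/32 trust", "sales", "bob"));
    return 0;
}
```

When auditing a real pg_hba.conf, the practical consequence is that a rule written with "all" in quotes covers only a database or user literally named all, which is much narrower than the unquoted keyword.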



#3
Bruce Momjian
Re: distinguish between all and "all" in pg_hba.conf - 12-19-2003, 06:46 PM




That IPv6 cleanup is major!

Quote:
! host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust

! host all all ::1/128 trust
Your patch has been added to the PostgreSQL unapplied patches list at:

http://momjian.postgresql.org/cgi-bin/pgpatches

I will try to apply it within the next 48 hours.

---------------------------------------------------------------------------


Andrew Dunstan wrote:
Quote:
I wrote:

Tom Lane wrote:

Andrew Dunstan <andrew (AT) dunslane (DOT) net> writes:


The minimal disturbance change might be to teach the parser to
distinguish between a quoted 'all' and an unquoted 'all', and forget
the '*' idea.



Probably we ought to go with that, on backwards-compatibility grounds.




OK, here's the patch. Should we also do this for "sameuser" and
"samegroup" for the sake of completeness?



Revised patch for this as suggested by Tom.

cheers

andrew


Index: hba.c
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/hba.c,v
retrieving revision 1.118
diff -c -w -r1.118 hba.c
*** hba.c 5 Dec 2003 15:50:31 -0000 1.118
--- hba.c 19 Dec 2003 17:42:20 -0000
***************
*** 87,102 ****
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
! * strings. Terminate on unquoted commas. Handle comments.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
! char *end_buf = buf + (bufsz - 1);
bool in_quote = false;
bool was_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
--- 87,105 ----
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
! * strings. Terminate on unquoted commas. Handle comments. Treat
! * unquoted keywords that might be user names or database names
! * specially, by appending a newline to them.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
! char *end_buf = buf + (bufsz - 2);
bool in_quote = false;
bool was_quote = false;
+ bool saw_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
***************
*** 149,155 ****
--- 152,161 ----
was_quote = false;

if (c == '"')
+ {
in_quote = !in_quote;
+ saw_quote = true;
+ }

c = getc(fp);
}
***************
*** 161,167 ****
--- 167,188 ----
if (c != EOF)
ungetc(c, fp);
}
+
+
+ if ( !saw_quote &&
+ (
+ strncmp(start_buf,"all",3) == 0 ||
+ strncmp(start_buf,"sameuser",8) == 0 ||
+ strncmp(start_buf,"samegroup",9) == 0
+ )
+ )
+ {
+ /* append newline to a magical keyword */
+ *buf++ = '\n';
+ }
+
*buf = '\0';
+
}

/*
***************
*** 446,452 ****
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all") == 0)
return true;
}

--- 467,473 ----
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all\n") == 0)
return true;
}

***************
*** 463,476 ****

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all") == 0)
return true;
! else if (strcmp(tok, "sameuser") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
! else if (strcmp(tok, "samegroup") == 0)
{
if (check_group(dbname, user))
return true;
--- 484,497 ----

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all\n") == 0)
return true;
! else if (strcmp(tok, "sameuser\n") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
! else if (strcmp(tok, "samegroup\n") == 0)
{
if (check_group(dbname, user))
return true;
***************
*** 1068,1074 ****
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
! else if (strcmp(usermap_name, "sameuser") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;
--- 1089,1095 ----
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
! else if (strcmp(usermap_name, "sameuser\n") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;
Index: pg_hba.conf.sample
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.47
diff -c -w -r1.47 pg_hba.conf.sample
*** pg_hba.conf.sample 13 Sep 2003 16:43:38 -0000 1.47
--- pg_hba.conf.sample 19 Dec 2003 17:42:20 -0000
***************
*** 35,40 ****
--- 35,45 ----
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
+ # Database and user names containing spaces, commas, quotes and other special
+ # characters can be quoted. Quoting one of the keywords "all", "sameuser" or
+ # "samegroup" makes the name lose its special character, and just match a
+ # database or username with that name.
+ #
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
***************
*** 59,62 ****
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
--- 64,67 ----
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1/128 trust


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
--
Bruce Momjian | http://candle.pha.pa.us
pgman (AT) candle (DOT) pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 5: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faqs/FAQ.html



#4
Bruce Momjian
Re: distinguish between all and "all" in pg_hba.conf - 12-24-2003, 09:44 PM




Patch applied. Thanks.

---------------------------------------------------------------------------


Andrew Dunstan wrote:
Quote:
I wrote:

Tom Lane wrote:

Andrew Dunstan <andrew (AT) dunslane (DOT) net> writes:


The minimal disturbance change might be to teach the parser to
distinguish between a quoted 'all' and an unquoted 'all', and forget
the '*' idea.



Probably we ought to go with that, on backwards-compatibility grounds.




OK, here's the patch. Should we also do this for "sameuser" and
"samegroup" for the sake of completeness?



Revised patch for this as suggested by Tom.

cheers

andrew


Index: hba.c
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/hba.c,v
retrieving revision 1.118
diff -c -w -r1.118 hba.c
*** hba.c 5 Dec 2003 15:50:31 -0000 1.118
--- hba.c 19 Dec 2003 17:42:20 -0000
***************
*** 87,102 ****
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
! * strings. Terminate on unquoted commas. Handle comments.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
! char *end_buf = buf + (bufsz - 1);
bool in_quote = false;
bool was_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
--- 87,105 ----
* token or EOF, whichever comes first. If no more tokens on line,
* return null string as *buf and position file to beginning of
* next line or EOF, whichever comes first. Allow spaces in quoted
! * strings. Terminate on unquoted commas. Handle comments. Treat
! * unquoted keywords that might be user names or database names
! * specially, by appending a newline to them.
*/
void
next_token(FILE *fp, char *buf, const int bufsz)
{
int c;
char *start_buf = buf;
! char *end_buf = buf + (bufsz - 2);
bool in_quote = false;
bool was_quote = false;
+ bool saw_quote = false;

/* Move over initial whitespace and commas */
while ((c = getc(fp)) != EOF && (pg_isblank(c) || c == ','))
***************
*** 149,155 ****
--- 152,161 ----
was_quote = false;

if (c == '"')
+ {
in_quote = !in_quote;
+ saw_quote = true;
+ }

c = getc(fp);
}
***************
*** 161,167 ****
--- 167,188 ----
if (c != EOF)
ungetc(c, fp);
}
+
+
+ if ( !saw_quote &&
+ (
+ strncmp(start_buf,"all",3) == 0 ||
+ strncmp(start_buf,"sameuser",8) == 0 ||
+ strncmp(start_buf,"samegroup",9) == 0
+ )
+ )
+ {
+ /* append newline to a magical keyword */
+ *buf++ = '\n';
+ }
+
*buf = '\0';
+
}

/*
***************
*** 446,452 ****
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all") == 0)
return true;
}

--- 467,473 ----
return true;
}
else if (strcmp(tok, user) == 0 ||
! strcmp(tok, "all\n") == 0)
return true;
}

***************
*** 463,476 ****

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all") == 0)
return true;
! else if (strcmp(tok, "sameuser") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
! else if (strcmp(tok, "samegroup") == 0)
{
if (check_group(dbname, user))
return true;
--- 484,497 ----

for (tok = strtok(param_str, MULTI_VALUE_SEP); tok != NULL; tok = strtok(NULL, MULTI_VALUE_SEP))
{
! if (strcmp(tok, "all\n") == 0)
return true;
! else if (strcmp(tok, "sameuser\n") == 0)
{
if (strcmp(dbname, user) == 0)
return true;
}
! else if (strcmp(tok, "samegroup\n") == 0)
{
if (check_group(dbname, user))
return true;
***************
*** 1068,1074 ****
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
! else if (strcmp(usermap_name, "sameuser") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;
--- 1089,1095 ----
errmsg("cannot use Ident authentication without usermap field")));
found_entry = false;
}
! else if (strcmp(usermap_name, "sameuser\n") == 0)
{
if (strcmp(pg_user, ident_user) == 0)
found_entry = true;
Index: pg_hba.conf.sample
================================================== =================
RCS file: /projects/cvsroot/pgsql-server/src/backend/libpq/pg_hba.conf.sample,v
retrieving revision 1.47
diff -c -w -r1.47 pg_hba.conf.sample
*** pg_hba.conf.sample 13 Sep 2003 16:43:38 -0000 1.47
--- pg_hba.conf.sample 19 Dec 2003 17:42:20 -0000
***************
*** 35,40 ****
--- 35,45 ----
# encrypted passwords. OPTION is the ident map or the name of the PAM
# service.
#
+ # Database and user names containing spaces, commas, quotes and other special
+ # characters can be quoted. Quoting one of the keywords "all", "sameuser" or
+ # "samegroup" makes the name lose its special character, and just match a
+ # database or username with that name.
+ #
# This file is read on server startup and when the postmaster receives
# a SIGHUP signal. If you edit the file on a running system, you have
# to SIGHUP the postmaster for the changes to take effect, or use
***************
*** 59,62 ****
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1 ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff trust
--- 64,67 ----
# IPv4-style local connections:
host all all 127.0.0.1 255.255.255.255 trust
# IPv6-style local connections:
! host all all ::1/128 trust


---------------------------(end of broadcast)---------------------------
TIP 4: Don't 'kill -9' the postmaster
--
Bruce Momjian | http://candle.pha.pa.us
pgman (AT) candle (DOT) pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo (AT) postgresql (DOT) org


