Stef Walter writes:
> [ postgres-hba-samenet-8.patch ]
Applied with some mostly-cosmetic editorialization.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pg
At 2009-09-30 11:16:57 -0500, stef-l...@memberwebs.com wrote:
>
> I've now added tests for sys/ioctl.h and net/if.h even though these
> headers seemed to be common to all the unixes investigated.
Thanks. I've marked this ready for committer now.
> FWIW, there are checks for various bad netmasks.
Tom Lane wrote:
> I was just poking at this.
Thanks for trying it out.
It seems to need rather a lot of
> editorialization (eg to fix the lack of consistency about whether
> nonstandard headers have configure tests, or bother to make use of the
> tests that did get added).
I've now added tes
Robert Haas writes:
> On Mon, Sep 28, 2009 at 4:04 PM, Stef Walter wrote:
>> * Tested on Solaris, FreeBSD, Linux and Windows. As far as I can tell
>> this should also work on Mac OS, HPUX and AIX, and probably others.
> This look ready to you, too? If so, please mark it as such.
I was just
On Mon, Sep 28, 2009 at 4:04 PM, Stef Walter wrote:
> Robert Haas wrote:
>> So is this one Ready for Committer?
>
> Here we go, I think this one is ready. In addition to previous patches,
> it does:
>
> * Use some techniques from postfix for getting interface addresses.
> Couldn't use code outr
Dave Page wrote:
> On Mon, Sep 28, 2009 at 10:10 PM, Stef Walter
> wrote:
>
>> * Win32 using win_wsa2.dll
>
> I assume you mean ws2_32.dll?
Yes. I get dyslexic around windows DLLs. :)
Stef
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscri
On Mon, Sep 28, 2009 at 10:10 PM, Stef Walter wrote:
> * Win32 using win_wsa2.dll
I assume you mean ws2_32.dll?
--
Dave Page
EnterpriseDB UK: http://www.enterprisedb.com
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www
Whoops I missed this email...
Robert Haas wrote:
> Rereading the thread, it seems that the main question is whether there
> are any platforms that we support that have neither getifaddrs or
> SIOCGIFCONF, or where they don't work properly.
As far as I can tell, there are no non-ancient mainstream
Robert Haas wrote:
> So is this one Ready for Committer?
Here we go, I think this one is ready. In addition to previous patches,
it does:
* Use some techniques from postfix for getting interface addresses.
Couldn't use code outright, due to license incompatibilities.
* Tested on Solaris, Fre
Robert Haas wrote:
>> Attached patch contains a fix.
>
> So is this one Ready for Committer?
Not yet. Two more things to do. Will work on them early next week:
* On Solaris the ioctl used only returns IPv4 addresses.
* Don't use hard coded buffers on win32 and ioctl.
Cheers,
Stef
--
Sen
On Thu, Sep 24, 2009 at 8:32 PM, Stef Walter wrote:
> Magnus Hagander wrote:
>> On Mon, Sep 21, 2009 at 20:12, Stef Walter wrote:
>> This patch does not build on Windows, the error is:
>> ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36
>> referenced
>> in function _pg_fore
Magnus Hagander wrote:
> On Mon, Sep 21, 2009 at 20:12, Stef Walter wrote:
> This patch does not build on Windows, the error is:
> ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36
> referenced
> in function _pg_foreach_ifaddr
> ip.obj : error LNK2019: unresolved external sym
On Wed, Sep 23, 2009 at 7:56 PM, Stef Walter wrote:
> Tom Lane wrote:
>> Stef Walter writes:
>>> Allowing host names in pg_hba.conf would also solve this problem,
>>> although the last person who tried to implement this it was a topic of
>>> contention. I asked if I should focus on reverse DNS ho
Stef Walter writes:
> But if you like I can add additional defensive checks in the code to
> ignore those obviously invalid netmasks like /0. Basically the OS would
> be giving postgres bad information. Does postgres generally try to guard
> against this? I'll follow the convention of the project.
Tom Lane wrote:
> Stef Walter writes:
>> Allowing host names in pg_hba.conf would also solve this problem,
>> although the last person who tried to implement this it was a topic of
>> contention. I asked if I should focus on reverse DNS host names in
>> pg_hba.conf or portability for this samenet
Tom Lane wrote:
> Mark Mielke writes:
>> Postfix has this capability and it works fine.
>
> Hmm, have we looked at the Postfix code to see exactly how they do it?
> I'd be a *lot* more comfortable adopting logic that's been proven in the
> field than something written from scratch.
Good idea.
A
On 09/23/2009 05:40 PM, Tom Lane wrote:
I haven't looked at this "feature" at all, but I'd be inclined, on the
grounds you quite reasonably cite, to require a netmask with "samenet",
rather than just ask the interface for its netmask.
I was just thinking the same thing. Could we then unif
Mark Mielke writes:
> Postfix has this capability and it works fine.
Hmm, have we looked at the Postfix code to see exactly how they do it?
I'd be a *lot* more comfortable adopting logic that's been proven in the
field than something written from scratch.
regards, tom lan
On 09/23/2009 05:37 PM, Andrew Dunstan wrote:
Tom Lane wrote:
In this case what particularly scares me is the idea that 'samenet'
might be interpreted to let in a larger subnet than the user expected,
eg 10/8 instead of 10.0.0/24. You'd likely not notice the problem until
after you'd been broke
Andrew Dunstan writes:
> Tom Lane wrote:
>> In this case what particularly scares me is the idea that 'samenet'
>> might be interpreted to let in a larger subnet than the user expected,
>> eg 10/8 instead of 10.0.0/24. You'd likely not notice the problem until
>> after you'd been broken into ...
Tom Lane wrote:
In this case what particularly scares me is the idea that 'samenet'
might be interpreted to let in a larger subnet than the user expected,
eg 10/8 instead of 10.0.0/24. You'd likely not notice the problem until
after you'd been broken into ...
I haven't looked at this "fe
If looking for representation -
I consider the default pg_hba.conf to be problematic. Newbies start with
"trust" access, and then do silly things to open it up.
I would use samehost, and if samenet worked the same way it does for
Postfix, I would probably use samenet. This information can be
Stef Walter writes:
> Allowing host names in pg_hba.conf would also solve this problem,
> although the last person who tried to implement this it was a topic of
> contention. I asked if I should focus on reverse DNS host names in
> pg_hba.conf or portability for this samenet patch, and it was indi
On Wed, Sep 23, 2009 at 3:53 PM, Stef Walter wrote:
> Robert Haas wrote:
>> On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter
>> wrote:
>>> Currently people are adding 0.0.0.0 to a default pg_hba.conf file in
>>> order to allow access from nearby machines, without running into the
>>> maintenance pr
Robert Haas wrote:
> On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter
> wrote:
>> Currently people are adding 0.0.0.0 to a default pg_hba.conf file in
>> order to allow access from nearby machines, without running into the
>> maintenance problems of hard coding IP addresses. However using 0.0.0.0
>>
On Wed, Sep 23, 2009 at 12:41 PM, Stef Walter wrote:
> Currently people are adding 0.0.0.0 to a default pg_hba.conf file in
> order to allow access from nearby machines, without running into the
> maintenance problems of hard coding IP addresses. However using 0.0.0.0
> is clearly suboptimal from
On Wed, Sep 23, 2009 at 18:41, Stef Walter wrote:
> Magnus Hagander wrote:
>> On Mon, Sep 21, 2009 at 20:12, Stef Walter wrote:
>>
>>
>>
>>> Updated in attached patch.
>>
>> This patch does not build on Windows, the error is:
>> ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@
Magnus Hagander wrote:
> On Mon, Sep 21, 2009 at 20:12, Stef Walter wrote:
>
>
>
>> Updated in attached patch.
>
> This patch does not build on Windows, the error is:
> ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36
> referenced
> in function _pg_foreach_ifaddr
> ip.ob
On Mon, Sep 21, 2009 at 20:12, Stef Walter wrote:
> Updated in attached patch.
This patch does not build on Windows, the error is:
ip.obj : error LNK2019: unresolved external symbol __imp__wsaio...@36 referenced
in function _pg_foreach_ifaddr
ip.obj : error LNK2019: unresolved external symbol
Thanks for your review!
Abhijit Menon-Sen wrote:
> First, it needs to be reformatted to not use a space before the opening
> parentheses in (some) function calls and definitions.
Fixed in the attached patch.
>> *** a/doc/src/sgml/client-auth.sgml
>> --- b/doc/src/sgml/client-auth.sgml
>> [...]
>
On Sun, Sep 20, 2009 at 05:59, Abhijit Menon-Sen wrote:
> I think the patch is more or less ready, but I have a few minor
> comments:
>
> First, it needs to be reformatted to not use a space before the opening
> parentheses in (some) function calls and definitions.
>
>> *** a/doc/src/sgml/client-a
(This is my review of the latest version of Stef Walter's samehost/net
patch, posted on 2009-09-17. See
http://archives.postgresql.org/message-id/4ab28043.3050...@memberwebs.com
for the original message.)
The patch applies and builds cleanly, and the samehost/samenet keywords
in pg_hba.conf work a
[Thanks for the heads up about the MessageID missing when posting this
previously. Was doing some mail filter development, and accidentally
left it in place... ]
Magnus Hagander wrote:
> 2009/8/25 Alvaro Herrera :
>> Something to keep in mind -- my getifaddrs(3) manpage says that on BSD
>> it can
Stef Walter wrote:
> [Looks like my response to this never made it to the mailing list,
> sending again...]
Your original message did not carry a Message-Id header, and neither
does this one (at least the copy I got). Are you doing something weird
to the message? This worries me, because we inte
2009/8/25 Alvaro Herrera :
> Stef Walter wrote:
>> Magnus Hagander wrote:
>
>> > and not just use SIOCGIFCONF for all Unixen?
>>
>> I do know that using SIOCGIFCONF on AIX comes with strange wrinkles and
>> variable length data structures etc... getifaddrs() on AIX is a far more
>> maintainable int
Something is very wrong here -- this message does not have a
message-id!
Stef Walter wrote:
> Magnus Hagander wrote:
> > On Wed, Aug 19, 2009 at 15:02, Stef Walter wrote:
> >> Magnus Hagander wrote:
> >>> On Wed, Aug 19, 2009 at 03:58, Stef Walter
> >>> wrote:
> Attached is a new patch, whi
Stef Walter wrote:
> Magnus Hagander wrote:
> > and not just use SIOCGIFCONF for all Unixen?
>
> I do know that using SIOCGIFCONF on AIX comes with strange wrinkles and
> variable length data structures etc... getifaddrs() on AIX is a far more
> maintainable interface.
Clearly the getifaddrs cod
Magnus Hagander wrote:
> On Wed, Aug 19, 2009 at 15:02, Stef Walter wrote:
>> Magnus Hagander wrote:
>>> On Wed, Aug 19, 2009 at 03:58, Stef Walter wrote:
Attached is a new patch, which I hope addresses all the concerns raised.
>>> I think you forgot to actually attach the patch
>> Whoops.
On Wed, Aug 19, 2009 at 15:02, Stef Walter wrote:
> Magnus Hagander wrote:
>> On Wed, Aug 19, 2009 at 03:58, Stef Walter wrote:
>>> Attached is a new patch, which I hope addresses all the concerns raised.
>>
>> I think you forgot to actually attach the patch
>
> Whoops. Here it is.
Is there an
Magnus Hagander wrote:
> On Wed, Aug 19, 2009 at 03:58, Stef Walter wrote:
>> Attached is a new patch, which I hope addresses all the concerns raised.
>
> I think you forgot to actually attach the patch
Whoops. Here it is.
Stef
diff --git a/configure.in b/configure.in
index 505644a..bc37b1b
On Wed, Aug 19, 2009 at 03:58, Stef Walter wrote:
> Attached is a new patch, which I hope addresses all the concerns raised.
I think you forgot to actually attach the patch
(others have taken care of the question about login already I see)
--
Magnus Hagander
Me: http://www.hagander.net/
On Tue, Aug 18, 2009 at 10:11 PM, Tom Lane wrote:
> Stef Walter writes:
>> Magnus Hagander wrote:
>>> Please add it to the open commitfest
>>> (https://commitfest.postgresql.org/action/commitfest_view/open). This
>>> will cause it to be reviewed during the next commitfest, and then you
>>> just ne
Stef Walter writes:
> Magnus Hagander wrote:
>> Please add it to the open commitfest
>> (https://commitfest.postgresql.org/action/commitfest_view/open). This
>> will cause it to be reviewed during the next commitfest, and then you
>> just need to be around to answer any questions that reviewers co
Attached is a new patch, which I hope addresses all the concerns raised.
Magnus Hagander wrote:
>> I've attached an initial patch which implements "samehost" and
>> "samenet". The patch looks more invasive than it really is, due to
>> necessary indentation change (ie: a if block), and moving some
Stef Walter writes:
> True. I could build compatibility getifaddrs for various systems, if the
> community thought this patch was worth it, and would otherwise accept
> the patch.
If you can do that I think it'd remove the major objection.
regards, tom lane
--
Sent via
Tom Lane wrote:
> Magnus Hagander writes:
>> On Fri, Aug 14, 2009 at 00:50, Stef Walter wrote:
>>> It would be great if, in the cidr-address field of pg_hba.conf, we could
>>> specify "samehost" and "samenet".
>
>> Seems like a reasonable feature - especially the samehost part.
>
> ISTM people h
Magnus Hagander wrote:
>
> A couple of comments on the patch:
Thanks I'll keep these in mind, as things progress and for future patches.
> * In general, don't include configure in the patch. Just configure.in.
> Makes it easier to read, and configure is normally built by the
> committer anyway.
Magnus Hagander writes:
> On Fri, Aug 14, 2009 at 00:50, Stef Walter wrote:
>> It would be great if, in the cidr-address field of pg_hba.conf, we could
>> specify "samehost" and "samenet".
> Seems like a reasonable feature - especially the samehost part.
ISTM people have traditionally used 127.0
On Fri, Aug 14, 2009 at 00:50, Stef Walter wrote:
> I love using postgresql, and have for a long time. I'm involved with
> almost a hundred postgresql installs. But this is the first time I've
> gotten into the code.
>
> Renumbering networks happens often, and will happen more frequently as
> IPv4
49 matches
Mail list logo
