Re: CIDR address in pg_hba.conf
| От | Bruce Momjian |
|---|---|
| Тема | Re: CIDR address in pg_hba.conf |
| Дата | |
| Msg-id | 201106140058.p5E0w3F07048@momjian.us обсуждение исходный текст |
| Ответ на | Re: CIDR address in pg_hba.conf (Robert Haas <robertmhaas@gmail.com>) |
| Список | pgsql-docs |
Robert Haas wrote: > On Thu, Jun 9, 2011 at 8:42 PM, Bruce Momjian <bruce@momjian.us> wrote: > > Tom Lane wrote: > >> Fujii Masao <masao.fujii@gmail.com> writes: > >> > http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html > >> >> An IP address is specified in standard dotted decimal notation with > >> >> a CIDR mask length. The mask length indicates the number of > >> >> high-order bits of the client IP address that must match. Bits to the > >> >> right of this must be zero in the given IP address. > >> > >> > Is the last statement correct? When I specified the following setting > >> > in pg_hba.conf, I could not find any problem in PostgreSQL. > >> > >> > ? ? host ?all ?all ?192.168.1.99/24 ?trust > >> > >> > As far as I read the code, those bits seem not to need to be zero. > >> > Attached patch just removes that statement. > >> > >> Even if it happens to work that way at the moment, do we want to > >> encourage people to depend on such an implementation artifact? > >> > >> IOW, if you read "must" as "if you want to trust it to work in future > >> versions, you must", the advice is perfectly sound. > > > > Should we use "should"? > > +1. Thanks for the feedback. Patched in head and 9.1. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + It's impossible for everything to be true. +
В списке pgsql-docs по дате отправления: