public inbox for [email protected]
help / color / mirror / Atom feedFrom: Tom Lane <[email protected]>
To: Fujii Masao <[email protected]>
Cc: pgsql-docs <[email protected]>
Subject: Re: CIDR address in pg_hba.conf
Date: Mon, 06 Jun 2011 12:56:25 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
Fujii Masao <[email protected]> writes:
> http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html
>> An IP address is specified in standard dotted decimal notation with
>> a CIDR mask length. The mask length indicates the number of
>> high-order bits of the client IP address that must match. Bits to the
>> right of this must be zero in the given IP address.
> Is the last statement correct? When I specified the following setting
> in pg_hba.conf, I could not find any problem in PostgreSQL.
> host all all 192.168.1.99/24 trust
> As far as I read the code, those bits seem not to need to be zero.
> Attached patch just removes that statement.
Even if it happens to work that way at the moment, do we want to
encourage people to depend on such an implementation artifact?
IOW, if you read "must" as "if you want to trust it to work in future
versions, you must", the advice is perfectly sound.
regards, tom lane
view thread (6+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: CIDR address in pg_hba.conf
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox