Received: from maia.hub.org (maia-2.hub.org [200.46.204.251])
	by mail.postgresql.org (Postfix) with ESMTP id 82247B5F33F
	for <pgsql-docs-postgresql.org@mail.postgresql.org>;
	Mon,  6 Jun 2011 14:27:42 -0300 (ADT)
Received: from mail.postgresql.org ([200.46.204.86])
	by maia.hub.org (mx1.hub.org [200.46.204.251]) (amavisd-maia,
	port 10024) with ESMTP id 49572-03 for
	<pgsql-docs-postgresql.org@mail.postgresql.org>;
	Mon,  6 Jun 2011 17:27:35 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-ww0-f50.google.com (mail-ww0-f50.google.com
 [74.125.82.50])
	by mail.postgresql.org (Postfix) with ESMTP id 25253B5DEA7
	for <pgsql-docs@postgresql.org>; Mon,  6 Jun 2011 14:27:34 -0300 (ADT)
Received: by wwc33 with SMTP id 33so3707317wwc.19
	for <pgsql-docs@postgresql.org>; Mon, 06 Jun 2011 10:27:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
	h=domainkey-signature:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type
	:content-transfer-encoding;
	bh=yl1QcGRZCgn8FnKJ7AXpAHTxUGHn0upyzE/d/6RuNtI=;
	b=H/q3ZMRWuR0Eaxc47lQuP7WvArVnVY95yliTTpZiDYZfcfD9F0DPlWycC2BIjDlDy4
	24BNwnMpuGPlv1X2iCDGmxYxK0z0JnCbadOmbPdEGve+vHiu52Pby9jX68dcOKoQ+cyn
	weEjeV96HVaFBniSg/kiguZfOWnn3cgoxhTtI=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding;
	b=QPNCHbenLW9sxXsF8O/oCeaB6N3VlDACKpdftpdknkl2EKRrCO5A2o+8Uj6apjWQWc
	+kxzCQVza+a8N+LwqsDNFrTE0FvZKDIdQ/GrKCuLn/cm8LIgzRA9CZ6H7LMllnA2fZxY
	cyCnGk49sfye9Zy2LZDSLhoidr/y0HfhFdguU=
MIME-Version: 1.0
Received: by 10.216.212.228 with SMTP id y78mr2654693weo.95.1307381254239;
	Mon, 06 Jun 2011 10:27:34 -0700 (PDT)
Received: by 10.217.1.198 with HTTP; Mon, 6 Jun 2011 10:27:34 -0700 (PDT)
In-Reply-To: <8795.1307379385@sss.pgh.pa.us>
References: <BANLkTi=SQs8mvfR-MM33NwrSGk75=t_U5g@mail.gmail.com>
	<8795.1307379385@sss.pgh.pa.us>
Date: Tue, 7 Jun 2011 02:27:34 +0900
Message-ID: <BANLkTinH0evwVweCM7ZXhsf-8-9w3Bi9Rw@mail.gmail.com>
Subject: Re: CIDR address in pg_hba.conf
From: Fujii Masao <masao.fujii@gmail.com>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: pgsql-docs <pgsql-docs@postgresql.org>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Virus-Scanned: Maia Mailguard 1.0.1
X-Spam-Status: No, hits=-1.898 tagged_above=-5 required=5 tests=BAYES_00=-1.9,
	FREEMAIL_FROM=0.001, RFC_ABUSE_POST=0.001
X-Spam-Level: 
X-Archive-Number: 201106/22
X-Sequence-Number: 6796

On Tue, Jun 7, 2011 at 1:56 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Fujii Masao <masao.fujii@gmail.com> writes:
>> http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html
>>> An IP address is specified in standard dotted decimal notation with
>>> a CIDR mask length. The mask length indicates the number of
>>> high-order bits of the client IP address that must match. Bits to the
>>> right of this must be zero in the given IP address.
>
>> Is the last statement correct? When I specified the following setting
>> in pg_hba.conf, I could not find any problem in PostgreSQL.
>
>> =A0 =A0 host =A0all =A0all =A0192.168.1.99/24 =A0trust
>
>> As far as I read the code, those bits seem not to need to be zero.
>> Attached patch just removes that statement.
>
> Even if it happens to work that way at the moment, do we want to
> encourage people to depend on such an implementation artifact?
>
> IOW, if you read "must" as "if you want to trust it to work in future
> versions, you must", the advice is perfectly sound.

Okay. Sounds reasonable. I drop the patch.

Regards,

--=20
Fujii Masao
NIPPON TELEGRAPH AND TELEPHONE CORPORATION
NTT Open Source Software Center