| From: | Andreas Pflug <pgadmin(at)pse-consulting(dot)de> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Tommi Mäkitalo <t(dot)maekitalo(at)epgmbh(dot)de>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: TCP/IP with 7.4 beta2 broken? |
| Date: | 2003-09-02 11:40:45 |
| Message-ID: | 3F5481BD.8010301@pse-consulting.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
>Andreas Pflug <pgadmin(at)pse-consulting(dot)de> writes:
>
>
>>How about silently creating a IPV6 style host internally for every IPV4
>>pg_hba.conf entry? It won't make any sense to handle a real IPV4 address
>>different from an IPV4 address converted to IPV6 address space.
>>
>>
>
>Hmm. I could go for that, if it weren't that there seem to be several
>different conventions for embedding IPv4 in IPv6. Should we auto-create
>pg_hba.conf entries for all of the possibly equivalent addresses?
>
AFAICS RFC2253 states that an IPV4 node connecting should get the
Address ::ffff:<IPV4addr>, so this should be sufficient.
>What if that creates conflicts?
>
If there's a conflict, it isn't created by this automatic entry, but
revealed because it was already there.
host 192.168.0.0/24
host ::ffff:102.168.0.0/125
This is already a conflict, not getting better or worse if we add
host ::ffff:102.168.0.0/120
as IPV6 duplicate for the first line.
I created a patch to hba.c which uses IPV4 entries as IPV6 entries if
running on a IPV6 system (which is detected from a port coming in as
AF_INET6)
Regards,
Andreas
| Attachment | Content-Type | Size |
|---|---|---|
| hba.conf.diff | text/plain | 3.6 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2003-09-02 11:43:58 | Re: TCP/IP with 7.4 beta2 broken? |
| Previous Message | Lee Kindness | 2003-09-02 10:49:28 | Re: Unixware Patch (Was: Re: Beta2 Tag'd and Bundled ...) |