Re: pg_hba.conf: samehost and samenet [REVIEW]

Whoops I missed this email...

Robert Haas wrote:
> Rereading the thread, it seems that the main question is whether there
> are any platforms that we support that have neither getifaddrs or
> SIOCGIFCONF, or where they don't work properly.

As far as I can tell, there are no non-ancient mainstream platforms that
we're missing here. As Tom suggested, I've looked over postfix, bind and
pcap and merged what I've learned into the (attached) samenet patch. I
believe we're hitting all the majors here:

* Win32 using win_wsa2.dll
* Modern versions of: Linux, BSD, Mac OS X, AIX using getifaddrs
* Modern Solaris and HPUX using ioctl/SIOCGLIFCONF
* Older unixes (BSD, Linux, Solaris, AIX) using ioctl/SIOCGIFCONF

SIOCGIFCONF doesn't return IPv6 information on certain platforms (such
as modern Solaris, or older Linux).

I believe we're covering every single Unix in use out there. I have
however only verified this assertion on open source OS's. I've also
verified that the SIOCGIFCONF method on Linux, BSD and Solaris, even
though they use more modern methods by default.

If a problem occurs with this code the src/tools/ifaddrs tool can be
used to diagnose the problem, and send in debugging feedback.

> By the way, in foreach_ifaddr_ifconf, what happens if the number of
> addresses is too large to fit in the arbitrary-size buffer you've
> chosen here?

The old approach was not a security vulnerability, and I find it hard to
believe that anyone would have had more than 10K of addresses. However
for the sake of completeness attached is a patch with dynamically sized
buffers. This adds some code complexity, but maybe someone out there
would have run into this (extremely) edge case.

I believe this patch to be complete, and am looking forward to review.

Cheers,

Stef