Re: [TODO] Process pg_hba.conf keywords as case-insensitive

On 07/23/2014 09:14 AM, Viswanatham kirankumar wrote:
>> On 16 July 2014 23:12, Tom Lane wrote
>>> Christoph Berg <cb(at)df7cb(dot)de> writes:
>>> Re: Viswanatham kirankumar 2014-07-16
>>> <EC867DEF52699D4189B584A14BAA7C2165440538(at)blreml504-mbx(dot)china(dot)huawei(dot)com>
>>>> Attached patch is implementing following TODO item Process
>>>> pg_hba.conf keywords as case-insensitive
>
>>> Hmm. I see a case for accepting "ALL" (as in hosts.allow(5)), so +1 on
>>> that, but I don't think the other keywords like "host" and "peer"
>>> should be valid in upper case.
>
>> I think the argument was that SQL users are accustomed to thinking that keywords are
>> case-insensitive. It makes sense to me that we should adopt that same convention in pg_hba.conf.
>
>> Re-reading the original thread, there was also concern about whether
>> we should try to make quoting/casefolding behave more like it does in SQL,
>> specifically for matching pg_hba.conf items to SQL identifiers (database and role names).
>> This patch doesn't seem to have addressed that part of it, but I think we need to think those
>> things through before we just do a blind s/strcmp/pg_strcasecmp/g. Otherwise we might
>> find that we've added ambiguity that will give us trouble when we do try to fix that.
>
> I had updated as per you review comments
>
> 1) database and role names behave similar to SQL identifiers (case-sensitive / case-folding).
>
> 2) users and user-groups only requires special handling and behavior as follows
> Normal user :
> A. unquoted ( USER ) will be treated as user ( downcase ).
> B. quoted ( "USeR" ) will be treated as USeR (case-sensitive).
> C. quoted ( "+USER" ) will be treated as normal user +USER (i.e. will not be considered as user-group) and case-sensitive as string is quoted.
> User Group :
> A. unquoted ( +USERGROUP ) will be treated as +usergruop ( downcase ).
> B. plus quoted ( +"UserGROUP" ) will be treated as +UserGROUP (case-sensitive).
>
> 3) Host name is not a SQL object so it will be treated as case-sensitive
> except for all, samehost, samenet are considered as keywords.
> For these user need to use quotes to differentiate between hostname and keywords.
>
> 4) All the fixed keywords mention in pg_hba.conf and Client Authentication section will be considered as keywords
> Eg: host, local, hostssl etc..

With this patch, database (and role?) names are compared
case-insensitively. For example:

local MixedDB all trust
local mixedDB all reject

psql -d "mixedDB"
psql (9.5devel)
Type "help" for help.

mixedDB=#

That connection should've matched that 2nd line, and be rejected.

PS. Please update the docs.

- Heikki