parsing pg_ident.conf
I noticed somewhat to my surprise as I was prepping the tests for the
"match the whole DN" patch that pg_ident.conf is parsed using the same
routines used for pg_hba.conf, and as a result the DN almost always
needs to be quoted, because they almost all contain a comma e.g.
"O=PGDG,OU=Testing". Even if we didn't break on commas we would probably
need to quote most of them, because it's very common to include spaces
e.g. "O=Acme Corp,OU=Marketing". Nevertheless it seems rather odd to
break on commas, since nothing in the file is meant to be a list - this
is a file with exactly three single-valued fields. Not sure if it's
worth doing anything about this, or we should just live with it the way
it is.
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
Hello Andrew,
I noticed somewhat to my surprise as I was prepping the tests for the
"match the whole DN" patch that pg_ident.conf is parsed using the same
routines used for pg_hba.conf, and as a result the DN almost always
needs to be quoted, because they almost all contain a comma e.g.
"O=PGDG,OU=Testing". Even if we didn't break on commas we would probably
need to quote most of them, because it's very common to include spaces
e.g. "O=Acme Corp,OU=Marketing". Nevertheless it seems rather odd to
break on commas, since nothing in the file is meant to be a list - this
is a file with exactly three single-valued fields. Not sure if it's
worth doing anything about this, or we should just live with it the way
it is.
My 0.02 €:
ISTM that having to quote long strings which may contains space or other
separators is a good thing from a readability point of view, even if it
would be possible to parse it without the quotes.
So I'm in favor of keeping it that way.
Note that since 8f8154a503, continuations are allowed on "pg_hba.conf" and
"pg_ident.conf", and that you may continuate within a quoted string, which
may be of interest when considering LDAP links.
--
Fabien.
On 11/20/20 2:19 AM, Fabien COELHO wrote:
Hello Andrew,
I noticed somewhat to my surprise as I was prepping the tests for the
"match the whole DN" patch that pg_ident.conf is parsed using the same
routines used for pg_hba.conf, and as a result the DN almost always
needs to be quoted, because they almost all contain a comma e.g.
"O=PGDG,OU=Testing". Even if we didn't break on commas we would probably
need to quote most of them, because it's very common to include spaces
e.g. "O=Acme Corp,OU=Marketing". Nevertheless it seems rather odd to
break on commas, since nothing in the file is meant to be a list - this
is a file with exactly three single-valued fields. Not sure if it's
worth doing anything about this, or we should just live with it the way
it is.My 0.02 €:
ISTM that having to quote long strings which may contains space or
other separators is a good thing from a readability point of view,
even if it would be possible to parse it without the quotes.So I'm in favor of keeping it that way.
Note that since 8f8154a503, continuations are allowed on "pg_hba.conf"
and "pg_ident.conf", and that you may continuate within a quoted
string, which may be of interest when considering LDAP links.
Maybe we should add a comment at the top of the file about when quoting
is needed.
cheers
andrew
I noticed somewhat to my surprise as I was prepping the tests for the
"match the whole DN" patch that pg_ident.conf is parsed using the same
routines used for pg_hba.conf, and as a result the DN almost always
needs to be quoted, because they almost all contain a comma e.g.
"O=PGDG,OU=Testing". Even if we didn't break on commas we would probably
need to quote most of them, because it's very common to include spacesMaybe we should add a comment at the top of the file about when quoting
is needed.
Yes, that is a good place to point that out. Possibly it would also be
worth to add something in 20.2, including an example?
--
Fabien.