Skip to content

Commit c1b910e

Browse files
peterepetere
committed
Add host name resolution information to pg_hba.conf error messages
This is to be able to analyze issues with host names in pg_hba.conf.
1 parent 4d2d5b8 commit c1b910e

File tree

1 file changed

+19
-4
lines changed

1 file changed

+19
-4
lines changed

src/backend/libpq/auth.c

Lines changed: 19 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -443,19 +443,32 @@ ClientAuthentication(Port *port)
443443
NULL, 0,
444444
NI_NUMERICHOST);
445445

446+
#define HOSTNAME_LOOKUP_DETAIL(port) \
447+
(port->remote_hostname \
448+
? (port->remote_hostname_resolv == +1 \
449+
? errdetail_log("Client IP address resolved to \"%s\", forward lookup matches.", port->remote_hostname) \
450+
: (port->remote_hostname_resolv == 0 \
451+
? errdetail_log("Client IP address resolved to \"%s\", forward lookup not checked.", port->remote_hostname) \
452+
: (port->remote_hostname_resolv == -1 \
453+
? errdetail_log("Client IP address resolved to \"%s\", forward lookup does not match.", port->remote_hostname) \
454+
: 0))) \
455+
: 0)
456+
446457
if (am_walsender)
447458
{
448459
#ifdef USE_SSL
449460
ereport(FATAL,
450461
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
451462
errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\", %s",
452463
hostinfo, port->user_name,
453-
port->ssl ? _("SSL on") : _("SSL off"))));
464+
port->ssl ? _("SSL on") : _("SSL off")),
465+
HOSTNAME_LOOKUP_DETAIL(port)));
454466
#else
455467
ereport(FATAL,
456468
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
457469
errmsg("no pg_hba.conf entry for replication connection from host \"%s\", user \"%s\"",
458-
hostinfo, port->user_name)));
470+
hostinfo, port->user_name),
471+
HOSTNAME_LOOKUP_DETAIL(port)));
459472
#endif
460473
}
461474
else
@@ -466,13 +479,15 @@ ClientAuthentication(Port *port)
466479
errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\", %s",
467480
hostinfo, port->user_name,
468481
port->database_name,
469-
port->ssl ? _("SSL on") : _("SSL off"))));
482+
port->ssl ? _("SSL on") : _("SSL off")),
483+
HOSTNAME_LOOKUP_DETAIL(port)));
470484
#else
471485
ereport(FATAL,
472486
(errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
473487
errmsg("no pg_hba.conf entry for host \"%s\", user \"%s\", database \"%s\"",
474488
hostinfo, port->user_name,
475-
port->database_name)));
489+
port->database_name),
490+
HOSTNAME_LOOKUP_DETAIL(port)));
476491
#endif
477492
}
478493
break;

0 commit comments

Comments
 (0)