On tis, 2011-07-19 at 14:17 -0400, Robert Haas wrote:
> I think it would be less confusing to write the IP address as the main
> piece of information, and put the hostname in parentheses only if we
> accepted it as valid (i.e. we did both lookups, and everything
> matched).
>
> ERROR: no pg_hba.conf entry for host 127.0.0.1 ("localhost"), user
> "x", database "y"
>
> As for the case where we the forward lookup and reverse lookup don't
> match, could we add that as a DETAIL?
>
> ERROR: no pg_hba.conf entry for host 127.0.0.1, user "x", database "y"
> DETAIL: Forward and reverse DNS lookups do not match.
On further reflection, the only way we would get a complete match host
name is if there actually were a line in pg_hba.conf with that host
name, but it didn't match because of other parameters. So that would be
quite rare, and so the error message would look one way or the other
depending on obscure circumstances, which would be confusing.
But picking up on your second suggestion, I propose instead that we put
a note in the detail about the host name and what we know about it, if
we know it, e.g.
ERROR: no pg_hba.conf entry for host 127.0.0.1, user "x", database "y"
DETAIL: Client IP address resolved to "localhost", forward lookup matches.
I chose to use errdetail_log(), which only goes into the server log, so
we don't expose too much about the server's DNS setup to the client.