gss: add missing references to hostgssenc and hostnogssenc

These were missed when these were added to pg_hba.conf in PG 12;
updates docs and pg_hba.conf.sample.

Reported-by: Arthur Nascimento
Bug: 16380

Discussion: https://postgr.es/m/20200421182736[email protected]

Backpatch-through: 12

diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 5f1eec78fb64f722de6a30ea2cde9849bd37a2b9..5cd88b462dbdbf056d48331a1a9c4609033af03f 100644 (file)
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -99,17 +99,19 @@
   
 
   
-   A record can have one of the seven formats
+   A record can have several formats:
 
-local      database  user  auth-method  auth-options
-host       database  user  address  auth-method  auth-options
-hostssl    database  user  address  auth-method  auth-options
-hostnossl  database  user  address  auth-method  auth-options
-host       database  user  IP-address  IP-mask  auth-method  auth-options
-hostssl    database  user  IP-address  IP-mask  auth-method  auth-options
-hostnossl  database  user  IP-address  IP-mask  auth-method  auth-options
-hostgssenc database  user  IP-address  IP-mask  auth-method  auth-options
-hostnogssenc database  user  IP-address  IP-mask  auth-method  auth-options
+local         database  user  auth-method auth-options
+host          database  user  address     auth-method  auth-options
+hostssl       database  user  address     auth-method  auth-options
+hostnossl     database  user  address     auth-method  auth-options
+hostgssenc    database  user  address     auth-method  auth-options
+hostnogssenc  database  user  address     auth-method  auth-options
+host          database  user  IP-address  IP-mask      auth-method  auth-options
+hostssl       database  user  IP-address  IP-mask      auth-method  auth-options
+hostnossl     database  user  IP-address  IP-mask      auth-method  auth-options
+hostgssenc    database  user  IP-address  IP-mask      auth-method  auth-options
+hostnogssenc  database  user  IP-address  IP-mask      auth-method  auth-options
 
    The meaning of the fields is as follows:
 
@@ -356,8 +358,7 @@ hostnogssenc database  user
       
 
       
-       This field only applies to host,
-       hostssl, and hostnossl records.
+       These fields do not apply to local records.
       
 
       
@@ -409,8 +410,7 @@ hostnogssenc database  user
       
 
       
-       These fields only apply to host,
-       hostssl, and hostnossl records.
+       These fields do not apply to local records.
       
      
     

diff --git a/src/backend/libpq/pg_hba.conf.sample b/src/backend/libpq/pg_hba.conf.sample
index c853e362329e41db0ef74ae0484891aa65b6ea51..b6de12b29850acb5a8f2db80e7efd1f7be57d211 100644 (file)
--- a/src/backend/libpq/pg_hba.conf.sample
+++ b/src/backend/libpq/pg_hba.conf.sample
@@ -9,17 +9,21 @@
 # are authenticated, which PostgreSQL user names they can use, which
 # databases they can access.  Records take one of these forms:
 #
-# local      DATABASE  USER  METHOD  [OPTIONS]
-# host       DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
-# hostssl    DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
-# hostnossl  DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# local         DATABASE  USER  METHOD  [OPTIONS]
+# host          DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# hostssl       DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# hostnossl     DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# hostgssenc    DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
+# hostnogssenc  DATABASE  USER  ADDRESS  METHOD  [OPTIONS]
 #
 # (The uppercase items must be replaced by actual values.)
 #
 # The first field is the connection type: "local" is a Unix-domain
 # socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
 # "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
-# plain TCP/IP socket.
+# non-SSL TCP/IP socket.  Similarly, "hostgssenc" uses a
+# GSSAPI-encrypted TCP/IP socket, while "hostnogssenc" uses a
+# non-GSSAPI socket.
 #
 # DATABASE can be "all", "sameuser", "samerole", "replication", a
 # database name, or a comma-separated list thereof. The "all"