@@ -164,22 +164,36 @@ PGconn *PQconnectdbParams(const char **keywords, const char **values, int expand
164164 Using <literal>hostaddr</> instead of <literal>host</> allows the
165165 application to avoid a host name look-up, which might be important
166166 in applications with time constraints. However, a host name is
167- required for Kerberos, GSSAPI, or SSPI authentication, as well as
168- for full SSL certificate verification. The following rules are
169- used:
170- If <literal>host</> is specified without <literal>hostaddr</>,
171- a host name lookup occurs.
172- If <literal>hostaddr</> is specified without <literal>host</>,
173- the value for <literal>hostaddr</> gives the server network address.
174- The connection attempt will fail in any of the cases where a
175- host name is required.
176- If both <literal>host</> and <literal>hostaddr</> are specified,
177- the value for <literal>hostaddr</> gives the server network address.
178- The value for <literal>host</> is ignored unless needed for
179- authentication or verification purposes, in which case it will be
180- used as the host name. Note that authentication is likely to fail
181- if <literal>host</> is not the name of the machine at
182- <literal>hostaddr</>.
167+ required for Kerberos, GSSAPI, or SSPI authentication
168+ methods, as well as for <literal>verify-full</> SSL
169+ certificate verification. The following rules are used:
170+ <itemizedlist>
171+ <listitem>
172+ <para>
173+ If <literal>host</> is specified without <literal>hostaddr</>,
174+ a host name lookup occurs.
175+ </para>
176+ </listitem>
177+ <listitem>
178+ <para>
179+ If <literal>hostaddr</> is specified without <literal>host</>,
180+ the value for <literal>hostaddr</> gives the server network address.
181+ The connection attempt will fail if the authentication
182+ method requires a host name.
183+ </para>
184+ </listitem>
185+ <listitem>
186+ <para>
187+ If both <literal>host</> and <literal>hostaddr</> are specified,
188+ the value for <literal>hostaddr</> gives the server network address.
189+ The value for <literal>host</> is ignored unless the
190+ authentication method requires it, in which case it will be
191+ used as the host name.
192+ </para>
193+ </listitem>
194+ </itemizedlist>
195+ Note that authentication is likely to fail if <literal>host</>
196+ is not the name of the server at network address <literal>hostaddr</>.
183197 Also, note that <literal>host</> rather than <literal>hostaddr</>
184198 is used to identify the connection in <filename>~/.pgpass</> (see
185199 <xref linkend="libpq-pgpass">).