From: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
---|---|
To: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
Subject: | LDAP: bugfix and deprecated OpenLDAP API |
Date: | 2013-02-05 09:39:30 |
Message-ID: | A737B7A37273E048B164557ADEF4A58B057AFBF0@ntex2010a.host.magwien.gv.at |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
I found a small bug in the implementation of LDAP connection
parameter lookup.
As documented in
http://www.postgresql.org/docs/current/static/libpq-ldap.html
processing should continue after a failed attempt
to connect to an LDAP server.
The code in src/interfaces/libpq/fe-connect.c defines a
timeout of two seconds so that this failure won't block
the libpq connection attempt for a long time.
As coded now, the timeout won't work - if the LDAP server
is down, ldap_simple_bind will wait for the network
timeout, which will be quite longer than 2 seconds.
The attached patch ldap-bug.patch fixes this problem;
unfortunately I found no way that works both with OpenLDAP
and Windows LDAP, so I had to add an #ifdef.
I think that this patch should be applied and backpatched.
I also tried to fix the problem mentioned in
http://www.postgresql.org/message-id/CA+TgmoYnj=Es3L_0Q8+ijR4tVhvztW1fb=7C9K9gEmZWqhpwuQ@mail.gmail.com
that we use deprecated OpenLDAP functions, see the attached
ldap-undeprecate.patch.
I added a file ldap.c in src/port with my own implementation
of some of the functions that OpenLDAP has deprecated.
With that, the code changes necessary are pretty minimal.
I guess it's too late for something like that to go into 9.3.
Should I add it to the next commitfest?
Yours,
Laurenz Albe
Attachment | Content-Type | Size |
---|---|---|
ldap-undeprecate.patch | application/octet-stream | 5.8 KB |
ldap-bug.patch | application/octet-stream | 2.4 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2013-02-05 11:41:02 | Re: [PATCH] pg_isready (was: [WIP] pg_ping utility) |
Previous Message | Daniel Farina | 2013-02-05 09:17:48 | Re: [v9.3] writable foreign tables |