From: | Abhijit Menon-Sen <ams(at)2ndQuadrant(dot)com> |
---|---|
To: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
Cc: | magnus(at)hagander(dot)net, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: LDAP: bugfix and deprecated OpenLDAP API |
Date: | 2013-09-23 06:47:44 |
Message-ID: | 20130923064744.GA18928@toroid.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
At 2013-08-19 11:47:36 +0000, laurenz(dot)albe(at)wien(dot)gv(dot)at wrote:
>
> To repeat: this fixes a bug in LDAP connection parameter lookup
Hi.
I read through the patch, and it looks sensible.
I would have preferred the ldap_simple_bind_s() call in the HAVE_LIBLDAP
branch to not be inside an else {} (the if block above returns if there
is an error anyway), but that's a minor point.
I tested the code as follows:
1. Built the patched source --with-ldap
2. Set up ~/.pg_service.conf:
[foo]
ldap://localhost:3343/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
ldap://localhost:3443/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
3. iptables -A INPUT -p tcp -d 127.0.0.1 --dport 3343 -j DROP
4. netcat -l 127.0.0.1 3343 ; netcat -l 127.0.0.1 3443
5. PGSERVICE=foo bin/psql
psql did connect to localhost:3443 after a few seconds of trying to
connect to :3343 and failing. (I tried without the iptables rule, so
I know that it does try to connect to both.)
This doesn't seem to handle timeouts in the sense of a server that
doesn't respond after you connect (or perhaps the timeout was long
enough that it outlasted my patience), but that's not the fault of
this patch, anyway.
I can't say anything about the patch on Windows, but since Magnus seemed
to think it was OK, I'm marking this ready for committer.
-- Abhijit
From | Date | Subject | |
---|---|---|---|
Next Message | MauMau | 2013-09-23 06:53:02 | Re: UTF8 national character data type support WIP patch and list of open issues. |
Previous Message | Oleg Bartunov | 2013-09-23 06:26:51 | Re: Cube extension kNN support |