| From: | Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at> |
|---|---|
| To: | "Magnus Hagander *EXTERN*" <magnus(at)hagander(dot)net> |
| Cc: | "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: LDAP: bugfix and deprecated OpenLDAP API |
| Date: | 2013-08-19 11:47:36 |
| Message-ID: | A737B7A37273E048B164557ADEF4A58B17C06CDE@ntex2010a.host.magwien.gv.at |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Magnus Hagander wrote:
>> The patch should still be good, but if we keep the deprecated
>> OpenLDAP API, it might be more consistent to use ldap_simple_bind_s
>> instead of ldap_sasl_bind_s.
>>
>> If you agree, I'll change that.
>
> Sorry, you got this one in just as my vacation started.
>
> Yes, I agree with that. So please do.
Here is the updated patch.
To repeat: this fixes a bug in LDAP connection parameter lookup
if you want to have failover with more than one LDAP server:
the timeout that should ensure that failover does not take too long
did not work if there are TCP connection problems; in that case
the connection attempt would hang until network timeout
before failing over to the second LDAP server.
This should be backpatched as far as supported (8.4).
Yours,
Laurenz Albe
| Attachment | Content-Type | Size |
|---|---|---|
| ldap-bug-2.patch | application/octet-stream | 2.3 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2013-08-19 12:29:38 | GetTransactionSnapshot() in enum.c |
| Previous Message | Dimitri Fontaine | 2013-08-19 09:34:47 | Re: Feature Request on Extensions |