| From: | Peter Eisentraut <peter(at)eisentraut(dot)org> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Remove unnecessary unbind in LDAP search+bind mode |
| Date: | 2023-07-09 06:57:21 |
| Message-ID: | E1qIOMD-002cth-Ef@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Remove unnecessary unbind in LDAP search+bind mode
Comments in src/backend/libpq/auth.c say: (after successfully finding
the final DN to check the user-supplied password against)
/* Unbind and disconnect from the LDAP server */
and later
/*
* Need to re-initialize the LDAP connection, so that we can bind to
* it with a different username.
*/
But the protocol actually permits multiple subsequent authentications
("binds") over a single connection.
So, it seems like the whole connection re-initialization thing was
just a confusion and can be safely removed, thus saving quite a few
network round-trips, especially for the case of ldaps/starttls.
Author: Anatoly Zaretsky <anatoly(dot)zaretsky(at)gmail(dot)com>
Discussion: https://www.postgresql.org/message-id/flat/CALbq6kmJ-1+58df4B51ctPfTOSyPbY8Qi2=ct8oR=i4TamkUoQ(at)mail(dot)gmail(dot)com
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/f8d03ea727e48c894174c4e5e6ebafc3a17ab3f7
Modified Files
--------------
doc/src/sgml/client-auth.sgml | 6 +++---
src/backend/libpq/auth.c | 25 -------------------------
2 files changed, 3 insertions(+), 28 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2023-07-09 07:56:28 | pgsql: doc: Move DEFAULT parameter on COPY reference page |
| Previous Message | Thomas Munro | 2023-07-09 06:17:41 | pgsql: Rename port/thread.c to port/user.c. |