| From: | Roman Khapov <rkhapov(at)yandex-team(dot)ru> |
|---|---|
| To: | pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | LDAP timeout options |
| Date: | 2026-06-12 07:08:29 |
| Message-ID: | 2A7A01E0-3DE5-4E04-B07D-EAEE48C3D71C@yandex-team.ru |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi hackers!
While working on connections stall problems with external LDAP authentication for [0] I made a notice,
that the problem can be relevant for Postgres too: when LDAP timeout options was not set and auth operations is taking
long time, the connection (or backend slot) can be hold for a undefined amount of time, causing various problems on server-side.
Seems like for some installation this times should be configurable, so I made a POC patch (attached), that adds new
LDAP hba options: ldapnetworktimeout and ldaptimeout, which allows to configure LDAP_OPT_SEND_TIMEOUT/LDAP_OPT_NETWORK_TIMEOUT and LDAP_OPT_TIMELIMIT/LDAP_OPT_TIMEOUT for LDAP* objects.
Any thoughts on this?
| Attachment | Content-Type | Size |
|---|---|---|
| 0001-Add-timeout-options-for-LDAP-authentication-connecti.patch | application/octet-stream | 9.9 KB |
| unknown_filename | text/plain | 31 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David E. Wheeler | 2026-06-12 07:19:51 | Re: Why our Valgrind reports suck |
| Previous Message | Andrey Borodin | 2026-06-12 07:02:50 | Re: injection_points: Switch wait/wakeup to use atomics rather than latches |