Re: BUG #15495: Ldap authentication not working with multiple server in Postgresql 11

On Sat, Nov 10, 2018 at 11:45 AM Thomas Munro
<thomas(dot)munro(at)enterprisedb(dot)com> wrote:
> On Sat, Nov 10, 2018 at 8:28 AM Thomas Munro
> <thomas(dot)munro(at)enterprisedb(dot)com> wrote:
> > On Sat, Nov 10, 2018 at 4:48 AM PG Bug reporting form
> > <noreply(at)postgresql(dot)org> wrote:
> > > After upgrade database from postgresql 10.5 to postgresql 11.1, LDAP
> > > authentication no longer work with multiple ldap server specified.

> > Thanks for the report. I see the problem. In commit
> > 35c0754fadca8010955f6b10cb47af00bdbe1286 we switched from ldap_init()
> > to ldap_initialize() because the newer interface supports LDAPS. To
> > do that we have to build a URI from the given protocol, server and
> > port. I overlooked the case where multiple servers are specified in
> > ldapserver. If you say ldapserver="a b c" then we generate a URI
> > "ldap://a b c:389", but it looks like we should instead generate a URI
> > list "ldap://a:389 ldap://b:389 ldap://c:389".
>
> Here's a draft patch.

I did some testing with various multi-server configurations, added a
simple two hostname case to the regression tests and pushed this to
master and 11. Thanks again for the report.

--
Thomas Munro
http://www.enterprisedb.com