Re: pgsql: Allow ldaps when using ldap authentication

From: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
To: Thomas Munro <thomas(dot)munro(at)enterprisedb(dot)com>
Cc: pgsql-committers <pgsql-committers(at)postgresql(dot)org>
Subject: Re: pgsql: Allow ldaps when using ldap authentication
Date: 2018-01-04 15:53:20
Message-ID: c83dd869-1ecb-11d9-9a65-68792043ad68@2ndquadrant.com
Lists: pgsql-committers

On 1/3/18 16:24, Thomas Munro wrote:
> Windows documentation talks about LDAP_SSL_PORT instead. I assume
> that "Vista Ultimate 6.0.6000 MSVC 2005 Pro 8.0.50727.867" doesn't
> define LDAPS_PORT, but some later version added it for compatibility
> with OpenLDAP. Let's just define it ourselves if it's undefined as we
> did for some other LDAP macros, since its value is well known (it's an
> IANA-registered port). See attached.
>
> While poking around in the documentation, I came across this
> surprising sentence[1]: "Be aware that even if the secure parameter is
> set to zero, if the PortNumber parameter is set to LDAP_SSL_PORT (636)
> or to LDAP_SSL_GC_PORT (3269), an encrypted session is initiated."
> Huh. That wasn't mentioned on the main page for the function[2] and
> I don't like it, because it means that the same connection string
> could have a different meaning on Windows and Unix. So I also propose
> that we also tweak the code to prevent that.

pushed

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
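
The two points quoted above (a fallback definition for LDAPS_PORT, and port 636 or 3269 silently turning a plain "ldap" target into an encrypted session on Windows) can be shown as a configuration check. This is an added example, not code from the PostgreSQL commit or from this thread; the helper classify_ldap_target and the conn_kind enum are hypothetical names, and the default plain port 389 is assumed from the standard LDAP assignment.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Fallbacks in the style described in the thread: define only if the
 * platform headers did not. 389 is an assumption of this example. */
#ifndef LDAP_PORT
#define LDAP_PORT 389
#endif
#ifndef LDAPS_PORT
#define LDAPS_PORT 636            /* IANA-registered ldaps port */
#endif
#ifndef LDAP_SSL_GC_PORT
#define LDAP_SSL_GC_PORT 3269     /* value quoted from the Windows docs */
#endif

typedef enum { CONN_INVALID, CONN_PLAIN, CONN_TLS, CONN_AMBIGUOUS } conn_kind;

/* Hypothetical helper: decide what a scheme/port pair means, and flag the
 * pair whose meaning would differ between Windows and Unix. port == 0
 * means "use the default for the scheme". */
conn_kind classify_ldap_target(const char *scheme, int port, int *effective_port)
{
    bool tls;

    if (scheme == NULL || strcmp(scheme, "ldap") == 0)
        tls = false;
    else if (strcmp(scheme, "ldaps") == 0)
        tls = true;
    else
        return CONN_INVALID;

    if (port < 0 || port > 65535)
        return CONN_INVALID;
    if (port == 0)
        port = tls ? LDAPS_PORT : LDAP_PORT;
    if (effective_port != NULL)
        *effective_port = port;

    if (tls)
        return CONN_TLS;
    /* Plain scheme on a port that Windows treats as implicitly encrypted. */
    if (port == LDAPS_PORT || port == LDAP_SSL_GC_PORT)
        return CONN_AMBIGUOUS;
    return CONN_PLAIN;
}

int main(void)
{
    /* Constructed sample: plain scheme pointed at the ldaps port. */
    printf("ldap:636 -> %d\n", classify_ldap_target("ldap", 636, NULL));
    return 0;
}
```

A caller would treat CONN_AMBIGUOUS as a configuration that must be made explicit (either switch the scheme to ldaps or change the port) before opening the connection.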
