Re: pgsql: Allow ldaps when using ldap authentication
| От | Peter Eisentraut |
|---|---|
| Тема | Re: pgsql: Allow ldaps when using ldap authentication |
| Дата | |
| Msg-id | c83dd869-1ecb-11d9-9a65-68792043ad68@2ndquadrant.com обсуждение исходный текст |
| Ответ на | Re: pgsql: Allow ldaps when using ldap authentication (Thomas Munro <thomas.munro@enterprisedb.com>) |
| Список | pgsql-committers |
On 1/3/18 16:24, Thomas Munro wrote: > Windows documentation talks about LDAP_SSL_PORT instead. I assume > that "Vista Ultimate 6.0.6000 MSVC 2005 Pro 8.0.50727.867" doesn't > define LDAPS_PORT, but some later version added it for compatibility > with OpenLDAP. Let's just define it ourselves if it's undefined as we > did for some other LDAP macros, since its value is well known (it's an > IANA-registered port). See attached. > > While poking around in the documentation, I came across this > surprising sentence[1]: "Be aware that even if the secure parameter is > set to zero, if the PortNumber parameter is set to LDAP_SSL_PORT (636) > or to LDAP_SSL_GC_PORT (3269), an encrypted session is initiated." > Huh. That wasn't mentioned on the main page for the function[2] and > I don't like it, because it means that the same connection string > could have a different meaning on Windows and Unix. So I also propose > that we also tweak the code to prevent that. pushed -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
В списке pgsql-committers по дате отправления: