Add DNS SRV support for LDAP server discovery

Enterprise / PostgreSQL - Thomas Munro [postgresql.org] - 21 March 2019 02:28 EDT

LDAP servers can be advertised on a network with RFC 2782 DNS SRV records. The OpenLDAP command-line tools automatically try to find servers that way, if no server name is provided by the user. Teach PostgreSQL to do the same using OpenLDAP's support functions, when building with OpenLDAP.

For now, we assume that HAVE_LDAP_INITIALIZE (an OpenLDAP extension available since OpenLDAP 2.0 and also present in Apple LDAP) implies that you also have ldap_domain2hostlist() (which arrived in the same OpenLDAP version and is also present in Apple LDAP).

Author: Thomas Munro

0f086f84ad Add DNS SRV support for LDAP server discovery.
doc/src/sgml/client-auth.sgml | 21 +++++-
src/backend/libpq/auth.c | 152 +++++++++++++++++++++++++++++++-----------
src/backend/libpq/hba.c | 3 +
3 files changed, 135 insertions(+), 41 deletions(-)

Upstream: git.postgresql.org


  • Share