From 6b6c64a96dea5492448aa98cf24eca9325e80371 Mon Sep 17 00:00:00 2001 From: Thomas Munro Date: Tue, 13 Nov 2018 17:39:36 +1300 Subject: Fix handling of HBA ldapserver with multiple hostnames. Commit 35c0754f failed to handle space-separated lists of alternative hostnames in ldapserver, when building a URI for ldap_initialize() (OpenLDAP). Such lists need to be expanded to space-separated URIs. Repair. Back-patch to 11, to fix bug report #15495. Author: Thomas Munro Reported-by: Renaud Navarro Discussion: https://postgr.es/m/15495-2c39fc196c95cd72%40postgresql.org --- src/backend/libpq/auth.c | 42 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 37 insertions(+), 5 deletions(-) (limited to 'src/backend/libpq/auth.c') diff --git a/src/backend/libpq/auth.c b/src/backend/libpq/auth.c index 85175655359..bbf102ed7de 100644 --- a/src/backend/libpq/auth.c +++ b/src/backend/libpq/auth.c @@ -2352,12 +2352,44 @@ InitializeLDAPConnection(Port *port, LDAP **ldap) #else #ifdef HAVE_LDAP_INITIALIZE { - char *uri; + const char *hostnames = port->hba->ldapserver; + char *uris = NULL; - uri = psprintf("%s://%s:%d", scheme, port->hba->ldapserver, - port->hba->ldapport); - r = ldap_initialize(ldap, uri); - pfree(uri); + /* + * We have a space-separated list of hostnames. Convert it + * to a space-separated list of URIs. + */ + do + { + const char *hostname; + size_t hostname_size; + char *new_uris; + + /* Find the leading hostname. */ + hostname_size = strcspn(hostnames, " "); + hostname = pnstrdup(hostnames, hostname_size); + + /* Append a URI for this hostname. */ + new_uris = psprintf("%s%s%s://%s:%d", + uris ? uris : "", + uris ? " " : "", + scheme, + hostname, + port->hba->ldapport); + + pfree(hostname); + if (uris) + pfree(uris); + uris = new_uris; + + /* Step over this hostname and any spaces. */ + hostnames += hostname_size; + while (*hostnames == ' ') + ++hostnames; + } while (*hostnames); + + r = ldap_initialize(ldap, uris); + pfree(uris); if (r != LDAP_SUCCESS) { ereport(LOG, -- cgit v1.2.3