LDAP Authentication with spaces in DN
I'm trying to configure LDAP authentication. Added a line to pg_hba.conf
with the fowling config:
host all all 127.0.0.1/32 ldap
"ldap://ldapserver:389/o=My Organization,C=PT;cn =;,o=My Organization,C=PT"
when I try to authenticate I got a fatal error line in pg_log like this
LOG: LDAP login failed for user "cn =user1,o=My" on server "ldapserver":
error code 49
FATAL: LDAP authentication failed for user "user1"
Digging into postgres sources found the problem. File auth.c in line 1376
does some ldap configuration parse using sscanf with the mask
"ldap://%127[^:]:%d/%127[^;];%127[^;];%127s". The sscanf function reads
until it finds a blank space, tab or new line, so if the string contains any
blank space after the last ':' everything else is ignored!
PS: I'm using postgres 8.3.0
Import Notes
Resolved by subject fallback
=?iso-8859-1?Q?C=E9sar_Miguel_Oliveira_Alves?= <calves@caso.pt> writes:
Digging into postgres sources found the problem. File auth.c in line 1376
does some ldap configuration parse using sscanf with the mask
"ldap://%127[^:]:%d/%127[^;];%127[^;];%127s". The sscanf function reads
until it finds a blank space, tab or new line, so if the string contains any
blank space after the last ':' everything else is ignored!
Fixed, thanks for the report!
regards, tom lane