Steven and Roman, Thank you for the review. Here is an updated patch that addresses both of these issues.
On Mon, Jan 12, 2026 at 4:06 AM Roman Khapov <[email protected]> wrote: > > Hi! > > Thanks for your patch! > > Adding to the one Steven wrote, I noticed one typo in the patch: > > @@ -2337,7 +2337,7 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname > <term><literal>ldapservice</literal></term> > <listitem> > <para> > - This option specifies an LDAP query that can be used to reference > connection paremeters > + This option specifies an LDAP query that can be used to reference > connection parameters > stored in an LDAP server. This functionality is described in more > detail in <xref linkend="libpq-ldap"/>. > </para> > > paremeters -> parameters > > -- > Best regards, > Roman Khapov
From a365a3a3cb1b9ac937a9009d1bd71bf06e9f4eea Mon Sep 17 00:00:00 2001 From: CommanderKeynes <[email protected]> Date: Sun, 23 Mar 2025 17:27:32 -0500 Subject: [PATCH] Add ldapservice connection parameter Currently there exists, only in pg_service.conf, the ability to look up connection parameters from a centralized LDAP server. This patch expands the usability of this be allowing it to be specified directly in a connection string instead of only in a pg_service.conf file. --- doc/src/sgml/libpq.sgml | 10 ++++++++++ src/interfaces/libpq/fe-connect.c | 12 ++++++++++++ src/interfaces/libpq/libpq-int.h | 1 + src/test/ldap/t/003_ldap_connection_param_lookup.pl | 12 ++++++++++++ 4 files changed, 35 insertions(+) diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index 7d05938feda..20a48a22c6b 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -2333,6 +2333,16 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname </listitem> </varlistentry> + <varlistentry id="libpq-connect-ldapservice" xreflabel="ldapservice"> + <term><literal>ldapservice</literal></term> + <listitem> + <para> + This option specifies an LDAP query that can be used to reference connection parameters + stored in an LDAP server. This functionality is described in more detail in <xref linkend="libpq-ldap"/>. + </para> + </listitem> + </varlistentry> + <varlistentry id="libpq-connect-target-session-attrs" xreflabel="target_session_attrs"> <term><literal>target_session_attrs</literal></term> <listitem> diff --git a/src/interfaces/libpq/fe-connect.c b/src/interfaces/libpq/fe-connect.c index a0d2f749811..6be2b792be5 100644 --- a/src/interfaces/libpq/fe-connect.c +++ b/src/interfaces/libpq/fe-connect.c @@ -206,6 +206,10 @@ static const internalPQconninfoOption PQconninfoOptions[] = { "Database-Service-File", "", 64, offsetof(struct pg_conn, pgservicefile)}, + {"ldapservice", "PGLDAPSERVICE", NULL, NULL, + "Database-LDAP-Service", "", 20, + offsetof(struct pg_conn, pgldapservice)}, + {"user", "PGUSER", NULL, NULL, "Database-User", "", 20, offsetof(struct pg_conn, pguser)}, @@ -5955,12 +5959,20 @@ parseServiceInfo(PQconninfoOption *options, PQExpBuffer errorMessage) { const char *service = conninfo_getval(options, "service"); const char *service_fname = conninfo_getval(options, "servicefile"); + const char *ldapservice = conninfo_getval(options, "ldapservice"); char serviceFile[MAXPGPATH]; char *env; bool group_found = false; int status; struct stat stat_buf; +#ifdef USE_LDAP + if (ldapservice != NULL) + if (strncmp(ldapservice, "ldap", 4) == 0) + if (!ldapServiceLookup(ldapservice, options, errorMessage)) + return 0; +#endif + /* * We have to special-case the environment variable PGSERVICE here, since * this is and should be called before inserting environment defaults for diff --git a/src/interfaces/libpq/libpq-int.h b/src/interfaces/libpq/libpq-int.h index fb6a7cbf15d..b540d3ac054 100644 --- a/src/interfaces/libpq/libpq-int.h +++ b/src/interfaces/libpq/libpq-int.h @@ -392,6 +392,7 @@ struct pg_conn char *pgservice; /* Postgres service, if any */ char *pgservicefile; /* path to a service file containing * service(s) */ + char *pgldapservice; /* Postgres LDAP service, if any */ char *pguser; /* Postgres username and password, if any */ char *pgpass; char *pgpassfile; /* path to a file containing password(s) */ diff --git a/src/test/ldap/t/003_ldap_connection_param_lookup.pl b/src/test/ldap/t/003_ldap_connection_param_lookup.pl index 359fc7a998a..6985be65408 100644 --- a/src/test/ldap/t/003_ldap_connection_param_lookup.pl +++ b/src/test/ldap/t/003_ldap_connection_param_lookup.pl @@ -196,6 +196,18 @@ local $ENV{PGSERVICEFILE} = "$srvfile_empty"; expected_stdout => qr/definition of service "undefined-service" not found/); + $dummy_node->connect_ok( + "ldapservice=ldap://localhost:$ldap_port/dc=example,dc=net?description?one?(cn=mydatabase)", + 'connection with correct "ldapservice" string', + sql => "SELECT 'connect2_4'", + expected_stdout => qr/connect2_4/); + + $dummy_node->connect_ok( + "postgres://?ldapservice=ldap%3A%2F%2Flocalhost%3A$ldap_port%2Fdc%3Dexample%2Cdc%3Dnet%3Fdescription%3Fone%3F%28cn%3Dmydatabase%29", + 'connection with correct "ldapservice"', + sql => "SELECT 'connect2_5'", + expected_stdout => qr/connect2_5/); + # Remove default pg_service.conf. unlink($srvfile_default); } -- 2.49.0
