libpq: Set LDAP protocol version 3
authorPeter Eisentraut <peter@eisentraut.org>
Tue, 12 Aug 2025 18:52:32 +0000 (20:52 +0200)
committerPeter Eisentraut <peter@eisentraut.org>
Tue, 12 Aug 2025 18:56:49 +0000 (20:56 +0200)
Some LDAP servers reject the default version 2 protocol.  So set
version 3 before starting the connection.  This matches how the
backend LDAP code has worked all along.

Co-authored-by: Andrew Jackson <andrewjackson947@gmail.com>
Reviewed-by: Pavel Seleznev <pavel.seleznev@gmail.com>
Discussion: https://www.postgresql.org/message-id/flat/CAKK5BkHixcivSCA9pfd_eUp7wkLRhvQ6OtGLAYrWC%3Dk7E76LDQ%40mail.gmail.com

src/interfaces/libpq/fe-connect.c

index afa85d9fca9611a393d279e4f7c637c5639bc6ee..a3d12931fff309fa2e91fa782989456406ce4bfe 100644 (file)
@@ -5494,6 +5494,7 @@ ldapServiceLookup(const char *purl, PQconninfoOption *options,
                           *entry;
        struct berval **values;
        LDAP_TIMEVAL time = {PGLDAP_TIMEOUT, 0};
+       int                     ldapversion = LDAP_VERSION3;
 
        if ((url = strdup(purl)) == NULL)
        {
@@ -5625,6 +5626,15 @@ ldapServiceLookup(const char *purl, PQconninfoOption *options,
                return 3;
        }
 
+       if ((rc = ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &ldapversion)) != LDAP_SUCCESS)
+       {
+               libpq_append_error(errorMessage, "could not set LDAP protocol version: %s",
+                                                  ldap_err2string(rc));
+               free(url);
+               ldap_unbind(ld);
+               return 3;
+       }
+
        /*
         * Perform an explicit anonymous bind.
         *
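Review bot: The new `ldap_set_option()` block carries no comment saying why the protocol version is forced, so the rationale lives only in the commit message; I would add `/* Some LDAP servers reject the default protocol version 2, so request version 3 before binding. */` directly above the call. The failure path frees `url`, unbinds `ld` and returns 3, which appears to mirror the error path just above it, but that path and the rest of ldapServiceLookup lie outside the hunk, so the consistency of the return code should be confirmed there. The context shows that an anonymous bind follows, and the result presumably feeds `options`, so the comment could also state what transport protection is expected for this lookup. Nothing in the visible lines sets any up, and selecting version 3 does not by itself add it.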