Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ldap: modify variable name and initialize connection with root_dn and root_pwd (#43824) #43914

Merged
merged 1 commit into from
May 17, 2023
Merged

ldap: modify variable name and initialize connection with root_dn and root_pwd (#43824) #43914

merged 1 commit into from
May 17, 2023
+18 −23

Conversation

ti-chi-bot
Copy link
Member

This is an automated cherry-pick of #43824

What problem does this PR solve?

Issue Number: close #43822

Problem Summary:

  1. TiDB uses variable root_pw, which is different from root_pwd.
  2. TiDB doesn't support the server which doesn't allow anonymous bind.

What is changed and how it works?

  1. Rename the variables to root_pwd.
  2. Initialize the connection with binding to the root_dn and root_pwd.

The only concern is that the the ACL configuration for anonymous user and root could be different.

Check List

Tests

  • Unit test
  • Integration test
  • Manual test
  • No code

I manually tested this patch with okta ldap service, which doesn't support anonymous binding.

Copied from #43822, I also attached the "Alternatives" here:

I have checked the behavior on two different implementations:

Alternatives

  1. Percona server, as shown in its code, will also use root_dn and root_pwd to initialize the connection.
  2. MySQL server doesn't detect the connection status. If a connection is killed (or lost) from the server side, the connection will pollute the connection pool, and all following login will fail. (tcpdump on the LDAP server, no request will arrive).

I think the first one is apparently better.

@ti-chi-bot ti-chi-bot requested a review from a team as a code owner May 17, 2023 09:14
@ti-chi-bot ti-chi-bot mentioned this pull request May 17, 2023
Merged
4 tasks
@ti-chi-bot
Copy link

ti-chi-bot bot commented May 17, 2023
edited
Loading

[REVIEW NOTIFICATION]

This pull request has been approved by:

  • CbcWestwolf
  • bb7133

To complete the pull request process, please ask the reviewers in the list to review by filling /cc @reviewer in the comment.
After your PR has acquired the required number of LGTMs, you can assign this pull request to the committer in the list by filling /assign @committer in the comment to help you merge this pull request.

The full list of commands accepted by this bot can be found here.

Reviewer can indicate their review by submitting an approval review.
Reviewer can cancel approval by submitting a request changes review.

@ti-chi-bot ti-chi-bot added release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. type/cherry-pick-for-release-7.1 This PR is cherry-picked to release-7.1 from a source PR. labels May 17, 2023
@ti-chi-bot ti-chi-bot bot added do-not-merge/cherry-pick-not-approved do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels May 17, 2023
@VelocityLight VelocityLight added cherry-pick-approved Cherry pick PR approved by release team. and removed do-not-merge/cherry-pick-not-approved labels May 17, 2023
@ti-chi-bot ti-chi-bot bot added the status/LGT1 Indicates that a PR has LGTM 1. label May 17, 2023
bb7133
bb7133 approved these changes May 17, 2023
View reviewed changes
Copy link
Member

@bb7133 bb7133 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@bb7133
Copy link
Member

bb7133 commented May 17, 2023

/merge

@ti-chi-bot ti-chi-bot bot added status/LGT2 Indicates that a PR has LGTM 2. and removed status/LGT1 Indicates that a PR has LGTM 1. labels May 17, 2023
@ti-chi-bot
Copy link

ti-chi-bot bot commented May 17, 2023

This pull request has been accepted and is ready to merge.

Commit hash: 1f5a013

@ti-chi-bot ti-chi-bot bot added the status/can-merge Indicates a PR has been approved by a committer. label May 17, 2023
@ti-chi-bot ti-chi-bot bot merged commit 241d5ee into pingcap:release-7.1 May 17, 2023
@VelocityLight VelocityLight added do-not-merge/cherry-pick-not-approved cherry-pick-approved Cherry pick PR approved by release team. and removed cherry-pick-approved Cherry pick PR approved by release team. do-not-merge/cherry-pick-not-approved labels May 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@CbcWestwolf CbcWestwolf CbcWestwolf approved these changes

@bb7133 bb7133 bb7133 approved these changes

Assignees
No one assigned
Labels
cherry-pick-approved Cherry pick PR approved by release team. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. status/can-merge Indicates a PR has been approved by a committer. status/LGT2 Indicates that a PR has LGTM 2. type/cherry-pick-for-release-7.1 This PR is cherry-picked to release-7.1 from a source PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ti-chi-bot @bb7133 @CbcWestwolf @VelocityLight @YangKeao