[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
slapd hangs after SSL_accept
Hi,
I have found and removed a bug in the last stable version.
version: openldap-stable-20020618.tgz
description:
When I connect to SSL acceptor, slapd hangs right after successfull SSL handshake.
When I kill the client, slapd processes the LDAP request and discovers client socket shutdown.
explanation:
OpenSSL uses buffered input streams.
LDAP client completes SSL handshake by sending some SSL data. Immediately after that, it sends first LDAP protocol data.
So it happens, that slapd receives both the data within one select() iteration!
bug:
slapd returns from connection_read() after successfull SSL_accept() and blocks in select(), leaving the received LDAP data unread in a ber socket buffer.
impact:
If the LDAP request data are little enough to fit in the input buffer on slapd with the last SSL handshake data, LDAP client blocks in read() from socket, waiting for an LDAP response, that cannot come.
correction:
Continue reading after successfull SSL_accept() in connection_read().
diff -Naur openldap-2.0.25/servers/slapd/connection.c openldap-2.0.25.my/servers/slapd/connection.c
--- openldap-2.0.25/servers/slapd/connection.c Thu Jun 6 02:07:40 2002
+++ openldap-2.0.25.my/servers/slapd/connection.c Thu Jul 4 17:01:32 2002
@@ -979,9 +979,11 @@
authid = (char *)ldap_pvt_tls_get_peer( ssl );
slap_sasl_external( c, c->c_tls_ssf, authid );
}
- connection_return( c );
- ldap_pvt_thread_mutex_unlock( &connections_mutex );
- return 0;
+ if ( rc != 0 || !ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_DATA_READY, NULL ) ) {
+ connection_return( c );
+ ldap_pvt_thread_mutex_unlock( &connections_mutex );
+ return 0;
+ }
}
#endif
I hope that is enough for a bug report. If not, point me to instructions, please, and I will report it better.
Regards
Petr Frisch