[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4451) clients using SSL send unnecessary resets after connection ends
There is no OpenLDAP version "2.30".
The LDAP library does not generate raw TCP packets; the behavior of the
TCP layer is strictly a kernel issue. This ITS will be closed.
d.holmes@f5.com wrote:
> Full_Name: David Holmes
> Version: 2.30
> OS: Linux 2.4
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (24.16.147.217)
>
>
> Client programs using the ldap library end up sending an unnecessary reset when
> ldap_unbind is set. The following dump is taken from a stock version of
> ldapsearch with unexotic parameters against a stock version of slapd.
>
> % ldapsearch -b ou=People,dc=f5,dc=com -h xxx.yyy.f5net.com -x -Z
>
> My guess is that perhaps SSL_shutdown() needs to be called more than once to
> complete the shutdown alerts (though that is only for non-blocking sockets).
>
> 172.27.195.1.52152 > 172.27.220.30.ldaps: S 1614873636:1614873636(0) win 5840
> 172.27.220.30.ldaps > 172.27.195.1.52152: S 1228680152:1228680152(0) ack
> 1614873637
> 172.27.195.1.52152 > 172.27.220.30.ldaps: . ack 1 win 5840
> 172.27.195.1.52152 > 172.27.220.30.ldaps: P 1:143(142) ack 1 win 5840
> 172.27.220.30.ldaps > 172.27.195.1.52152: . ack 143 win 1716
> 172.27.220.30.ldaps > 172.27.195.1.52152: P 1:1144(1143) ack 143 win 1716
> 172.27.195.1.52152 > 172.27.220.30.ldaps: . ack 1144 win 8001
> 172.27.195.1.52152 > 172.27.220.30.ldaps: P 143:341(198) ack 1144 win 8001
> 172.27.220.30.ldaps > 172.27.195.1.52152: P 1144:1203(59) ack 341 win 1984
> 172.27.195.1.52152 > 172.27.220.30.ldaps: P 341:447(106) ack 1203 win 8001
> 172.27.220.30.ldaps > 172.27.195.1.52152: P 1203:1293(90) ack 447 win 1984
> 172.27.195.1.52152 > 172.27.220.30.ldaps: F 447:447(0) ack 1293 win 8001
> 172.27.220.30.ldaps > 172.27.195.1.52152: P 1293:1330(37) ack 448 win 1984
> 172.27.220.30.ldaps > 172.27.195.1.52152: F 1330:1330(0) ack 448 win 1984
> 172.27.195.1.52152 > 172.27.220.30.ldaps: R 1614874084:1614874084(0) win 0 (DF)
>
>
>
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/