[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#4658) syncrepl hangup if using gssapi auth
Full_Name: Allan E. Johannesen
Version: 2.3.27
OS: Linux EL 4
URL:
Submission from: (NULL) (130.215.24.208)
I'm using cyrus sasl 2.1.21 which may be significant.
I found that syncrepl refreshAndPersist would stop working once the initial
ticket expired, although I had a process renewing the ticket. Using -d-1 on the
server, I saw this:
SASL [conn=11] Failure: GSSAPI Error: The context has expired (No error)
sb_sasl_write: failed to encode packet: generic failure
ldap_write: want=11219 error=Input/output error
ber_flush failed errno=5 reason="Input/output error"
connection_closing: readying conn=11 sd=14 for close
The slave would see no further updates after that.
I noticed that although the connection was "readied" for close, it never
closed.
I made an edit to connection.c to force a close:
utility5:/tools/src/openldap/RHEL4-i686# diff -c
openldap-2.3.27/servers/slapd/connection.c{~,}
*** openldap-2.3.27/servers/slapd/connection.c~ Wed Apr 5 14:08:48 2006
--- openldap-2.3.27/servers/slapd/connection.c Thu Aug 31 09:36:18 2006
***************
*** 961,966 ****
--- 961,969 ----
/* wake write blocked operations */
slapd_clr_write( sd, 1 );
+
+ connection_close ( c );
+
if ( c->c_writewaiter ) {
ldap_pvt_thread_cond_signal( &c->c_write_cv );
ldap_pvt_thread_mutex_unlock( &c->c_mutex );
After this, an additional line appeared after the "readying" line:
connection_close: conn=11 sd=14
The slave would complain:
do_syncrep2 : Can't contact LDAP server
sb_sasl_write: failed to encode packet: generic failure
but would then reconnect and continue to replicate.
I'm not suggesting the fix above, but it appears that the master doesn't get
into a condition where the "ready to close" connection is really closed.