Re: tcp timeoutcon patch for libldap

["Kurt D. Zeilenga" <Kurt@OpenLDAP.org>]

At 02:59 PM 7/28/99 +0200, Lars Uffmann wrote:
>we had massive problems with LDAP clients
>blocking in the connect() system call.
>So I wrote a patch against libldap/os-ip.c
>which uses a non-blocking socket and select()
>to avoid this.

One of the issues we need to discuss is where
handling of such I/O details is to be done.  I
see a bit of discontinuity between this change
and recent TLS changes which moved some of the
I/O option handling down into -llber.

It's my opinion that I/O options should be
set by -lldap (through LDAP_OPT_ mechanism) and
passed down into -llber.  -llber should be
designed to work read/write from any I/O channel
and that the caller should provide replacement
routines (via hooks) if the default (read/write)
are not appropriate (such as for TLS).

Applications which use -llber directly (such as
slapd) would have to manage the I/O options
internally.  This, of course, can be facilated
by exposing a private interface to -lldap routines
to do the nitty gritty.

Anyways, as the TLS developers have obviously
put some thought into the changes they introduced,
I think it wise of them to examine your patch
and offer comments on how best to proceed.

>To set/get the timeout, I used
>the yet unused LDAP_OPT_TIMEOUT option flag
>in ldap.h.

The LDAP_OPT_TIMEOUT was meant to be used as a
per LDAP API call timeout versus a per network call
timeout.  Implementation of such gets a little
tricky.

If you want a per network call timeout, I would
suggest introducing another option.
	LDAP_OPT_NETWORK_TIMEOUT

Enforcing both is a little tricky, but doable.

Note: The invalue of these options should be
"struct timeval *".