[Date Prev][Date Next] [Chronological] [Thread] [Top]

problems on EAGAIN? (was: TLS connect from remote host to slapd hangs)



Rainer Clasen wrote:
> I can access this slapd fine from the server itself. But when I try to
> contact the new slave from *anywhere* else the connection hangs during
> the initial SSL phase.

I've run the server under strace. slapd starts sending the CA
certificates and after several successfull write()s one call to write()
returns EAGAIN. Up to then the client received some certificates and
then blocks.

Such a failed connect looks like this:
25913 getpid()                          = 25913
25913 time(NULL)                        = 1036317066
25913 getpid()                          = 25913
25913 getpid()                          = 25913
25913 write(12, "\26\3\1\0J\2\0\0F\3\1=\304\361\2126\266Bf\35`\252\372d"..., 4096) = 4096
25913 write(12, "\30\6\3U\4\3\23\21beTRUSTed Root CA\0Y0W1\v0"..., 10583) = 8688
25913 write(12, "U\4\6\23\2CA1\v0\t\6\3U\4\10\23\2ON1\0200\16\6\3U\4\7\23"..., 1895) = -1 EAGAIN (Resource temporarily unavailable)
25913 getpid()                          = 25913
25913 sched_yield()                     = 0
25913 select(13, [4 6 7 8 12], [], NULL, NULL <unfinished ...>
25912 <... poll resumed> [{fd=10, events=POLLIN}], 1, 2000) = 0
25912 getppid()                         = 25911
25912 poll([{fd=10, events=POLLIN}], 1, 2000) = 0
25912 getppid()                         = 25911

When running ldapsearch on the same host, I get:
25875 getpid()                          = 25875
25875 time(NULL)                        = 1036316946
25875 getpid()                          = 25875
25875 getpid()                          = 25875
25875 write(12, "\26\3\1\0J\2\0\0F\3\1=\304\361\22\25\315[\234\303\25]S"..., 4096) = 4096
25875 write(12, "\30\6\3U\4\3\23\21beTRUSTed Root CA\0Y0W1\v0"..., 10583) = 10583
25875 read(12, 0x81dade0, 5)            = -1 EAGAIN (Resource temporarily unavailable)
25875 getpid()                          = 25875
25875 sched_yield()                     = 0
25875 select(13, [4 6 7 8 12], [], NULL, NULL) = 1 (in [12])
25875 time(NULL)                        = 1036316946
25875 time(NULL)                        = 1036316946

Could it be that slapd chokes on the EAGAIN received when writing out the CA
certificates?

Rainer

-- 
KeyID=759975BD fingerprint=887A 4BE3 6AB7 EE3C 4AE0  B0E1 0556 E25A 7599 75BD