OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Archive.Software Enhancements/169
Full headers

From: webmaster@access.ch
Subject: Socket Connection Timeout Patch
Compose comment
Download message
State:
1 replies: 1
0 followups:

Major security issue: yes  no

Notes:

Notification:


Date: Thu, 20 May 1999 08:40:57 GMT
From: webmaster@access.ch
To: openldap-its@OpenLDAP.org
Subject: Socket Connection Timeout Patch
Full_Name: Philipp Klaus
Version: 1.2.1
OS: Linux
URL: http://www.internet.access.ch/openldap/ldap_timeout.patch
Submission from: (NULL) (195.112.64.100)


OpenLDAP in release 1.2.1 didn't handle timeouts on ldap connections. If a
connection
was opened and not correctly closed by the client (caused by a bad network
connection
p.e) the slapd holds the connection forever and after some time it will run out
of
file descriptors (for the sockets).

I implemented a simple timeout handling by adding a last activity field to the
connection structure. Each time a read or write access is made to a connection,
this
field is set to the current time. In each loop this value is checked against
the
current time and if the difference is greater than the value set in the
configuration
file the connection is closed by the server.

All changes are ifdef'ed with _INA_CONN_TIMEOUT to enable compiling without the
patch.

The diff is done against the current release (1.2.1) because I couldn't find a
devel
tarball and I am not very used to the CVS system (sorry).

All code is given to the open source community free of any charge.

Reply 1

Resend
From: Kurt Zeilenga <kurt@OpenLDAP.org>
To: webmaster@access.ch
Subject: Re: Socket Connection Timeout Patch (ITS#169)
Date: Tue May 25 15:01:51 1999
Phillip,

This seems like a reasonable approach to work in
cooperation with a TCP KeepAlive approach.  I've
committed a KeepAlive approach to -devel.  (See
discussions on the -devel mailing list).

A couple of suggestions for the inactive timer:
 * timeout of zero (0) should disable the timer
 * default timeout should be zero (0) (ie: disabled).
 * difftime() should be used to compare times
 * code should be ported to -devel

Is is possible for you to make some or all of
these changes and following up your ITS with
a new tarball?

Porting to -devel, of course, would require CVS access.

Kurt

Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org