(ITS#4451) clients using SSL send unnecessary resets after connection ends



Full_Name: David Holmes
Version: 2.30
OS: Linux 2.4
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (24.16.147.217)


Client programs using the ldap library end up sending an unnecessary reset when
ldap_unbind is set. The following dump is taken from a stock version of
ldapsearch with unexotic parameters against a stock version of slapd.

% ldapsearch -b ou=People,dc=f5,dc=com -h xxx.yyy.f5net.com -x -Z

My guess is that perhaps SSL_shutdown() needs to be called more than once to
complete the shutdown alerts (though that is only for non-blocking sockets).  

172.27.195.1.52152 > 172.27.220.30.ldaps: S 1614873636:1614873636(0) win 5840 
172.27.220.30.ldaps > 172.27.195.1.52152: S 1228680152:1228680152(0) ack 1614873637
172.27.195.1.52152 > 172.27.220.30.ldaps: . ack 1 win 5840
172.27.195.1.52152 > 172.27.220.30.ldaps: P 1:143(142) ack 1 win 5840
172.27.220.30.ldaps > 172.27.195.1.52152: . ack 143 win 1716 
172.27.220.30.ldaps > 172.27.195.1.52152: P 1:1144(1143) ack 143 win 1716 
172.27.195.1.52152 > 172.27.220.30.ldaps: . ack 1144 win 8001 
172.27.195.1.52152 > 172.27.220.30.ldaps: P 143:341(198) ack 1144 win 8001 
172.27.220.30.ldaps > 172.27.195.1.52152: P 1144:1203(59) ack 341 win 1984 
172.27.195.1.52152 > 172.27.220.30.ldaps: P 341:447(106) ack 1203 win 8001 
172.27.220.30.ldaps > 172.27.195.1.52152: P 1203:1293(90) ack 447 win 1984
172.27.195.1.52152 > 172.27.220.30.ldaps: F 447:447(0) ack 1293 win 8001 
172.27.220.30.ldaps > 172.27.195.1.52152: P 1293:1330(37) ack 448 win 1984 
172.27.220.30.ldaps > 172.27.195.1.52152: F 1330:1330(0) ack 448 win 1984 
172.27.195.1.52152 > 172.27.220.30.ldaps: R 1614874084:1614874084(0) win 0 (DF)
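
An added example, not part of the original report: a small Python check that scans tcpdump text in the format above for the ordering seen at the end of this capture, where one side sends FIN, the peer still sends payload, and the side that sent FIN answers with RST. The function name `find_reset_after_close` and the embedded copy of the trace are assumptions of this example.

```python
import re

# Trace copied from the report above (the wrapped SYN-ACK line rejoined).
TRACE = """\
172.27.195.1.52152 > 172.27.220.30.ldaps: S 1614873636:1614873636(0) win 5840
172.27.220.30.ldaps > 172.27.195.1.52152: S 1228680152:1228680152(0) ack 1614873637
172.27.195.1.52152 > 172.27.220.30.ldaps: . ack 1 win 5840
172.27.195.1.52152 > 172.27.220.30.ldaps: P 1:143(142) ack 1 win 5840
172.27.220.30.ldaps > 172.27.195.1.52152: . ack 143 win 1716
172.27.220.30.ldaps > 172.27.195.1.52152: P 1:1144(1143) ack 143 win 1716
172.27.195.1.52152 > 172.27.220.30.ldaps: . ack 1144 win 8001
172.27.195.1.52152 > 172.27.220.30.ldaps: P 143:341(198) ack 1144 win 8001
172.27.220.30.ldaps > 172.27.195.1.52152: P 1144:1203(59) ack 341 win 1984
172.27.195.1.52152 > 172.27.220.30.ldaps: P 341:447(106) ack 1203 win 8001
172.27.220.30.ldaps > 172.27.195.1.52152: P 1203:1293(90) ack 447 win 1984
172.27.195.1.52152 > 172.27.220.30.ldaps: F 447:447(0) ack 1293 win 8001
172.27.220.30.ldaps > 172.27.195.1.52152: P 1293:1330(37) ack 448 win 1984
172.27.220.30.ldaps > 172.27.195.1.52152: F 1330:1330(0) ack 448 win 1984
172.27.195.1.52152 > 172.27.220.30.ldaps: R 1614874084:1614874084(0) win 0 (DF)
"""

LINE = re.compile(r"^(\S+) > (\S+): ([SFPR.]+)(?: \d+:\d+\((\d+)\))?")

def find_reset_after_close(trace):
    """Flag flows where a host sent FIN, the peer then sent payload,
    and the host that had sent FIN answered with RST."""
    fin_sent = set()   # (src, dst) directions that have sent FIN
    late = {}          # (src, dst) -> payload bytes sent after dst's FIN
    findings = []
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        src, dst, flags = m.group(1), m.group(2), m.group(3)
        length = int(m.group(4) or 0)
        if "R" in flags:
            if (src, dst) in fin_sent and late.get((dst, src)):
                findings.append({"resetter": src, "peer": dst,
                                 "late_payload_bytes": late[(dst, src)]})
            continue
        if length and (dst, src) in fin_sent:
            late[(src, dst)] = late.get((src, dst), 0) + length
        if "F" in flags:
            fin_sent.add((src, dst))
    return findings

if __name__ == "__main__":
    for f in find_reset_after_close(TRACE):
        print(f)
```

On this capture it reports one finding: the client reset the connection after the server sent 37 payload bytes following the client's FIN.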