[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4429) (back-ldap?) slapd deadlock
On Tue, 2006-03-28 at 19:35 +0000, ando@sys-net.it wrote:
> On Tue, 2006-03-28 at 19:23 +0000, richton@nbcs.rutgers.edu wrote:
>
> > And there's your reason why the connection is failing. Now, what's making
> > it fail StartTLS when it started TLS so nicely so many other times?
> >
> > Hmm. Well, I _am_ running OpenSSL 0.9.7g, and I know what we like to say
> > about old versions. But I just restarted with OpenSSL 0.9.7i before
> > sending this (shared objects are your friend) so we'll see how that goes.
>
> This makes perfectly sense. I don't have the answer right now, but
> there might be something broken in StartTLS while retrying; I don't
> recall testing that case.
I've checked this stuff right now and it seems to work fine; I'm not
sure I tested all combinations of parameters, though.
What is the TLS-related configuration of back-ldap, and what is the
exact sequence of operations you make?
I've checked
uri ldap://:9011
tls propagate
conn-ttl 10
using ldapsearch with and without -ZZ, and
uri ldap://:9011
tls propagate
conn-ttl 10
again using ldapsearch with and without -ZZ. In both cases, I first run
an operation; then I re-run it after the conn-ttl has expired.
p.
Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team
SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office: +39.02.23998309
Mobile: +39.333.4963172
Email: pierangelo.masarati@sys-net.it
------------------------------------------