[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: slapd-search generates TIME_WAIT connections increasingly (ITS#4585)

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Pierangelo Masarati wrote:
> Thanks for the report.

Thanks very much for the quick reply!

>  I'll note a couple of comments: slapd-* tools in
> tests/progs/ are not intended for general use; they should not in gener=
al be
> used, nor considered examples of "good" LDAP programming: since recent =
> they were using deprecated API calls, they don't consistently take care=
> disposing resources after use, and so.  They are only intended as a rap=
id and
> efficient means to test OpenLDAP builds.


> Since you claim that the problem occurs with a third-party server and n=
ot with
> OpenLDAP's, and similar issues arise with your own clients using OpenLD=
> client library, chances are the problem is in the third-party server an=
d not in
> OpenLDAP's library.

Yes, right, but I would say whatever the third party LDAP server does
wrong, it should not result in a wrong behaviour on the client side
(i.e. in the OpenLDAP library).

> having said this, it might be worth investigating if there's anything w=
e can do
> at the client library's side to work around this issue.

This would be great.
As I said in the report, our actual problem are the CLOSE-WAITs which
are created by the OpenLDAP library while talking to the Microsoft
Active Directory server. The number of CLOSE_WAITs are steadily
increasing until no more sockets are available and then all connections
fail of course. I know that you need to be able to reproduce the problem
to be able to fix it, so I tried to reproduce the problem with the test
tools. That was the reason I used the test tools provided with the
OpenLDAP library, because I can not send our application.
Can I do anything to help in this case, maybe provide network
traces or such?
Best regards,


> p.

Roland Scholz
Senior SW Engineer SUN Solaris

Secure Computing=AE | Webwasher=AE, A Secure Computing Brand

  +49 (5251) 500 54-24 (Direct Phone)
  +49 (5251) 500 54-11 (Fax)

  webwasher AG
  Vattmannstrasse 3
  Paderborn 33100

  The information contained in this email message may be privileged,
  confidential and protected from disclosure. If you are not the
  intended recipient, any review, dissemination, distribution or
  copying is strictly prohibited. If you have received this email
  message in error, please notify the sender by reply email and delete
  the message and any attachments.

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org