Re: (ITS#4494) connections are not asynchrounous

[lrm@interlinknetworks.com]

I have already tried this.  It does not have any affect on SSL connection
negotitation.

There is a very interseting comment in the code which indicates someone was
aware of the problem.  From the 2.3.20 source distribution, file
libraries/libldap/tls.c (line 1445):

        /*
         * Fortunately, the lib uses blocking io...
         */
        if ( ldap_int_tls_connect( ld, conn ) < 0 ) {
                ld->ld_errno = LDAP_CONNECT_ERROR;
                return (ld->ld_errno);
        }

And in ldap_int_tls_connect(), there is a call to SSL_connect( ssl ) that has no
provision for asynchronous operation.  There is no setting of the non-blocking
option that I can find in this code sequence.


To reproduce the problem, simply point your ldaps: URL to a TCP server port that
accepts connections, and does nothing with them.  The LDAP client will hang
forever (or until the server ephemeral port is closed).


That's all for now,

--Larry

Quoting Pierangelo Masarati <ando@sys-net.it>:

> Can you set LDAP_OPT_NETWORK_TIMEOUT option via ldap_set_option(3) in your
> client, and see if your problem is alleviated (for instance by using a
> reasonably short timeout)?
>
> p.
>
>
>
> Ing. Pierangelo Masarati
> Responsabile Open Solution
> OpenLDAP Core Team
>
> SysNet s.n.c.
> Via Dossi, 8 - 27100 Pavia - ITALIA
> http://www.sys-net.it
> ------------------------------------------
> Office:   +39.02.23998309
> Mobile:   +39.333.4963172
> Email:    pierangelo.masarati@sys-net.it
> ------------------------------------------
>
>




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.