[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#7428) libldap: use non-blocking IO during TLS handshake
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#7428) libldap: use non-blocking IO during TLS handshake
- From: rhafer@suse.de
- Date: Wed, 21 Nov 2012 13:53:33 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
I just pushed latest incarnation of my patch to master. The code in currently
hidden behind #ifdefs (mainly for the NSS issues outlined on -devel) and I
switch back again to using LDAP_OPT_NETWORK_TIMEOUT for TLS handshake timeouts.
regards,
Ralf
On Thu, Nov 01, 2012 at 05:22:42PM +0000, rhafer@suse.de wrote:
>
> Currently libldap is using blocking IO when performing the SSL handshake for
> ldaps:// connections (and when performing the StartTLS operation). The can lead
> to the client blocking forever in the ssl lib (in SSL_connect in case of
> openssl) if e.g. the server for whatever reason stops responding. It would be
> very helpful if libldap would use non-blocking IO during the handshake at least
> when LDAP_OPT_NETWORK_TIMEOUT (or LDAP_OPT_TIMEOUT?) are set.