[Date Prev][Date Next]
(ITS#8047) TIMEOUT and NETWORK_TIMEOUT don't work properly with SSL
Full_Name: Jan Synacek
Submission from: (NULL) (126.96.36.199)
TIMEOUT and NETWORK_TIMEOUT are not applied when trying to connect to a stalled
server using SSL. The same scenario works when using an unencrypted connection.
1) set up a server for use with SSL (localhost connection is enough)
2) set NETWORK_TIMEOUT and TIMEOUT in ldap.conf
3) slapd -u ldap -g ldap -h "ldapi:/// ldaps://localhost" -d1
4) verify that connection works
ldapsearch -x -H ldaps://localhost
5) kill -STOP <server pid>
6) ldapsearch -x -H ldaps://localhost
At this point, the client hangs and doesn't properly time out.
For more information including a packet capture, see the original bug report:
This bug doesn't seem to be crypto library specific. I reproduced it with both
moznss and openssl.