[Date Prev][Date Next]
Client blocking forever in SSL_connect
- To: openldap-devel@OpenLDAP.org
- Subject: Client blocking forever in SSL_connect
- From: Ralf Haferkamp <email@example.com>
- Date: Mon, 19 Dec 2005 19:43:03 +0100
- Content-disposition: inline
- User-agent: KMail/1.8.2
I ran into a problem where an LDAP Client, that uses SSL/TLS (no matter
whether via ldaps or START_TLS) was indefinitely blocking in the
SSL_connect() call in libraries/libldap/tls.c.
As libldap mostly uses blocking IO (as far as I understand), the
SSL_connect call also uses blocking IO (according to the openssl docs)
and so it can easily block if the server does not reply.
I am wondering if it is possible to add functionallty to the API that
one can use SSL_connect in a non-blocking fashion. For example by
setting the underlying socket to non-blocking just before the
SSL_connect call and using select with the LDAP_OPT_NETWORK_TIMEOUT
timeout value and setting it back to blocking IO after the SSL
handshake completed. Similar to what is done in ldap_pvt_connect() in
Comments or other suggestions?