lists.arthurdejong.org
RSS feed

nss-pam-ldapd commit: r1276 - nss-pam-ldapd/nslcd

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd commit: r1276 - nss-pam-ldapd/nslcd

Author: arthur
Date: Fri Oct 15 11:05:18 2010
New Revision: 1276
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?view=rev&revision=1276

Log:
set a longer socket timout for the normal connection (just in case mostly) and 
a short one to use when shutting down the connection (also see 
http://www.openldap.org/its/index.cgi?selectid=6673)

Modified:
   nss-pam-ldapd/nslcd/myldap.c

Modified: nss-pam-ldapd/nslcd/myldap.c
==============================================================================
--- nss-pam-ldapd/nslcd/myldap.c        Thu Oct 14 21:11:49 2010        (r1275)
+++ nss-pam-ldapd/nslcd/myldap.c        Fri Oct 15 11:05:18 2010        (r1276)
@@ -547,6 +547,20 @@
 {
   int i;
   int rc;
+  int sd=-1;
+  struct timeval tv;
+  /* set timeout options on socket to avoid hang in some cases
+     (we set a short timeout because we don't care too much about properly
+     shutting down the connection) */
+  if (ldap_get_option(session->ld,LDAP_OPT_DESC,&sd)==LDAP_SUCCESS)
+  {
+    /* ignore errors */
+    tv.tv_sec=nslcd_cfg->ldc_timelimit/2;
+    if (!tv.tv_sec) tv.tv_sec=1;
+    tv.tv_usec=0;
+    (void)setsockopt(sd,SOL_SOCKET,SO_RCVTIMEO,(void *)&tv,sizeof(tv));
+    (void)setsockopt(sd,SOL_SOCKET,SO_SNDTIMEO,(void *)&tv,sizeof(tv));
+  }
   /* if we had reachability problems with the server close the connection */
   if (session->ld!=NULL)
   {
@@ -621,7 +635,7 @@
    and binds to the server. This returns an LDAP status code. */
 static int do_open(MYLDAP_SESSION *session)
 {
-  int rc,rc2;
+  int rc;
   int sd=-1;
   struct timeval tv;
   /* check if the idle time for the connection has expired */
@@ -644,13 +658,7 @@
                         ldap_err2string(rc),(errno==0)?"":": ",
                         (errno==0)?"":strerror(errno));
     if (session->ld!=NULL)
-    {
-      log_log(LOG_DEBUG,"ldap_unbind()");
-      rc2=ldap_unbind(session->ld);
-      session->ld=NULL;
-      if (rc2!=LDAP_SUCCESS)
-        log_log(LOG_WARNING,"ldap_unbind() failed: %s",ldap_err2string(rc2));
-    }
+      do_close(session);
     return rc;
   }
   else if (session->ld==NULL)
@@ -662,10 +670,7 @@
   rc=do_set_options(session);
   if (rc!=LDAP_SUCCESS)
   {
-    rc2=ldap_unbind(session->ld);
-    session->ld=NULL;
-    if (rc2!=LDAP_SUCCESS)
-      log_log(LOG_WARNING,"ldap_unbind() failed: %s",ldap_err2string(rc2));
+    do_close(session);
     return rc;
   }
   /* bind to the server */
@@ -679,18 +684,17 @@
                         nslcd_cfg->ldc_uris[session->current_uri].uri,
                         ldap_err2string(rc),(errno==0)?"":": ",
                         (errno==0)?"":strerror(errno));
-    rc2=ldap_unbind(session->ld);
-    session->ld=NULL;
-    if (rc2!=LDAP_SUCCESS)
-      log_log(LOG_WARNING,"ldap_unbind() failed: %s",ldap_err2string(rc2));
+    do_close(session);
     return rc;
   }
-  /* set timeout options on socket to avoid hang in some cases */
+  /* set timeout options on socket to avoid hang in some cases
+     (twice the normal timeout so this should only be triggered in cases
+     where the library behaves incorrectly) */
   if (ldap_get_option(session->ld,LDAP_OPT_DESC,&sd)==LDAP_SUCCESS)
   {
     /* ignore errors */
-    tv.tv_sec=nslcd_cfg->ldc_timelimit;
-    tv.tv_usec=500;
+    tv.tv_sec=nslcd_cfg->ldc_timelimit*2;
+    tv.tv_usec=0;
     (void)setsockopt(sd,SOL_SOCKET,SO_RCVTIMEO,(void *)&tv,sizeof(tv));
     (void)setsockopt(sd,SOL_SOCKET,SO_SNDTIMEO,(void *)&tv,sizeof(tv));
   }
--
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits