[PATCH][RFC] set socket timeout for SSL handshake


Hi,

While testing nslcd's timeout settings, I created a situation where nslcd would wait forever.

This happens when you configure SSL and the server side accept()s your connection but does not answer the SSL HELLO.

To test this, you can use netcat:

    nc -l -p 636

and configure nslcd against ldaps://localhost

I created the attached patch to set SEND and RCV timeouts on the socket after connect() is called, but before SSL takes over.

That way, nslcd receives an error while bind()ing and moves on to the next server.

The patch is still somewhat rough around the edges, but I'd like to get some feedback before going further down this road. Especially if something like this would be accepted.

Thanks,

    Stefan

Attachment: nslcd.ssl.patch
Description: Text Data
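
The approach described in the message above, as an added example that is not the attached patch or nslcd's own code: send and receive timeouts are set on a connected socket whose peer stays silent, so a blocking read returns an error instead of waiting forever. The names `set_io_timeouts` and `silent_peer_times_out` are hypothetical, and a plain `recv()` stands in for the SSL handshake read.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Hypothetical helper: apply one timeout to both receives and sends on fd. */
int set_io_timeouts(int fd, int seconds)
{
    struct timeval tv = { .tv_sec = seconds, .tv_usec = 0 };
    if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv)) != 0)
        return -1;
    return setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv));
}

/* Returns 1 if recv() timed out, 0 if it ended otherwise, -1 on setup error. */
int silent_peer_times_out(int seconds)
{
    struct sockaddr_in addr = { 0 };   /* sin_port 0: kernel picks a free port */
    socklen_t len = sizeof(addr);
    char buf[16];
    int result = -1;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    int cfd = socket(AF_INET, SOCK_STREAM, 0);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    /* The listener never accept()s or writes; the kernel still completes the
     * TCP handshake from its backlog, so connect() succeeds. */
    if (lfd >= 0 && cfd >= 0 &&
        bind(lfd, (struct sockaddr *)&addr, sizeof(addr)) == 0 &&
        listen(lfd, 1) == 0 &&
        getsockname(lfd, (struct sockaddr *)&addr, &len) == 0 &&
        connect(cfd, (struct sockaddr *)&addr, sizeof(addr)) == 0 &&
        set_io_timeouts(cfd, seconds) == 0) {
        /* Stand-in for the TLS library blocking on the server's reply. */
        ssize_t n = recv(cfd, buf, sizeof(buf), 0);
        result = (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) ? 1 : 0;
    }
    if (cfd >= 0) close(cfd);
    if (lfd >= 0) close(lfd);
    return result;
}

int main(void)
{
    printf("recv timed out: %d\n", silent_peer_times_out(1));
    return 0;
}
```

These socket options bound each individual blocking read or write, not the handshake as a whole, so a peer that trickles bytes can still hold the connection open longer than the configured value.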
