RSS feed

Re: [PATCH][RFC] set socket timeout for SSL handshake

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: [PATCH][RFC] set socket timeout for SSL handshake

On Thu, 2011-08-04 at 16:04 +0200, Stefan Völkel wrote:
> I created the attached patch, to set SEND and RCV timeouts on the 
> socket, after connect() is called, but before SSL takes over.

Thanks for the testing and the patch! Timeout handling always seems to
be tricky in the LDAP library. There are half a dozen options to set and
it still doesn't always work as expected.

> That way, nslcd recieves an error while bind()ing and moves on to the 
> next server.

Thanks, this probably means that the code that sets SO_RCVTIMEO and
SO_SNDTIMEO on the socket (in do_open()) can go then. This sets the
timeout higher than what is configured with timelimit to allow the LDAP
library to handle the timeout instead (still not sure if OpenLDAP
handles socket timeouts gracefully).

> The patch is still somewhat rough around the edges, but I'd like to get 
> some feedback before going further down this road. Especially if 
> something like this would be accepted.

I'll merge your patch, very much appreciated. Can you see if you can
move the registering of the callback to do_open() instead of do_bind()?
Also, it is probably best to set the timeout to ldc_timelimit plus half
a second or so.

-- arthur - - --
To unsubscribe send an email to or see