Re: [PATCH][RFC] set socket timeout for SSL handshake
[Date Prev][Date Next] [Thread Prev][Thread Next]Re: [PATCH][RFC] set socket timeout for SSL handshake
- From: Stefan Völkel <stefan.volkel.ext [at] nsn.com>
- To: nss-pam-ldapd-users [at] lists.arthurdejong.org
- Subject: Re: [PATCH][RFC] set socket timeout for SSL handshake
- Date: Fri, 05 Aug 2011 15:01:55 +0200
On 08/05/2011 11:59 AM, ext Arthur de Jong wrote:
On Thu, 2011-08-04 at 16:04 +0200, Stefan Völkel wrote:
[...]
Thanks, this probably means that the code that sets SO_RCVTIMEO and SO_SNDTIMEO on the socket (in do_open()) can go then. This sets the timeout higher than what is configured with timelimit to allow the LDAP library to handle the timeout instead (still not sure if OpenLDAP handles socket timeouts gracefully).
I don't see timeouts being set in do_open(). Do you mean do_close() by any chance?
If yes, I wouldn't remove those, because there is no telling if a library changes that timeout setting.
OTOH, maybe SO_LINGER would be an option here.
I'll merge your patch, very much appreciated. Can you see if you can move the registering of the callback to do_open() instead of do_bind()? Also, it is probably best to set the timeout to ldc_timelimit plus half a second or so.
I moved the callback registering to do_set_options() since all other options are also set there, and do_set_options() is called from do_open().
Also I decided to add another option, sock_timeout, to not hardcode it.And on top of that, I also created a patch against the 0.7.13 debian package.
regards Stefan
Attachment:
debian.0.7.13.patch
Description: Text Data
Attachment:
nslcd.ssl.patch
Description: Text Data
-- To unsubscribe send an email to nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see http://lists.arthurdejong.org/nss-pam-ldapd-users
- [PATCH][RFC] set socket timeout for SSL handshake,
Stefan Völkel
- Re: [PATCH][RFC] set socket timeout for SSL handshake,
Arthur de Jong
- Re: [PATCH][RFC] set socket timeout for SSL handshake, Stefan Völkel
- Re: [PATCH][RFC] set socket timeout for SSL handshake,
Arthur de Jong
- RE: [PATCH][RFC] set socket timeout for SSL handshake, Volkel, Stefan (EXT-Other - DE/Ulm)
- Re: [PATCH][RFC] set socket timeout for SSL handshake,
Arthur de Jong
- Prev by Date: Re: [PATCH][RFC] set socket timeout for SSL handshake
- Next by Date: Add a filtered user to a group without changing his main group
- Previous by thread: Re: [PATCH][RFC] set socket timeout for SSL handshake
- Next by thread: Re: [PATCH][RFC] set socket timeout for SSL handshake