[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3663) No timeout in ldap binds

To: openldap-its@OpenLDAP.org
Subject: (ITS#3663) No timeout in ldap binds
From: dlecorfec@free.fr
Date: Fri, 15 Apr 2005 16:32:10 GMT

Full_Name: David Le Corfec
Version: 2.x
OS: SuSE
URL: 
Submission from: (NULL) (84.96.42.75)


Hi,

Any news regarding the lack of a timeout in ldap bind ?

A NULL timeval is supplied to ldap_result()
in libraries/libldap/sasl.c/ldap_sasl_bind_s().

	if ( ldap_result( ld, msgid, 1, NULL, &result ) == -1 )

In effect, a select() will wait forever.

I understand that it would require an API change, as discussed
around ITS#980-983.
Even if it had a sensible default timeout or a global setting ?

The problem is that it's currently possible to hang local
and remote logins using unix or ldap accounts to all machine
depending on a LDAP server which doesn't answer past
the TCP connection ... (can be simulated by sending SIGSTOP to slapd :)
Already happened several times this week for various reasons :(

Bye,

Prev by Date: (ITS#3662) Little error in /servers/slapd/config.h
Next by Date: Re: (ITS#3663) No timeout in ldap binds
Index(es):
- Chronological
- Thread