[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problems on EAGAIN? (was: TLS connect from remote host to slapd hangs)

To: openldap-software@OpenLDAP.org
Subject: Re: problems on EAGAIN? (was: TLS connect from remote host to slapd hangs)
From: bj@zuto.de (Rainer Clasen)
Date: Mon, 4 Nov 2002 12:04:13 +0100
Content-disposition: inline
In-reply-to: <20021103100233.GB22956@zuto.de>
References: <20021020210738.GG11497@zuto.de> <20021103100233.GB22956@zuto.de>
User-agent: Mutt/1.3.28i

Rainer Clasen wrote:
> Rainer Clasen wrote:
> > I can access this slapd fine from the server itself. But when I try to
> > contact the new slave from *anywhere* else the connection hangs during
> > the initial SSL phase.
> 
> I've run the server under strace. slapd starts sending the CA
> certificates and after several successfull write()s one call to write()
> returns EAGAIN. Up to then the client received some certificates and
> then blocks.

after figuring out, that slapd picks the CAPath from ldap.conf in
addition to a CAFile in slapd.conf I was able to workaround this problem
by limiting the set of CA certificates the server knows to a small
subset.



Rainer

-- 
KeyID=759975BD fingerprint=887A 4BE3 6AB7 EE3C 4AE0  B0E1 0556 E25A 7599 75BD

Follow-Ups:
- RE: problems on EAGAIN? (was: TLS connect from remote host to slapd hangs)
  - From: "Howard Chu" <hyc@highlandsun.com>
- Re: problems on EAGAIN? (was: TLS connect from remote host to slapd hangs)
  - From: Tony Earnshaw <tonni@billy.demon.nl>

References:
- problems on EAGAIN? (was: TLS connect from remote host to slapd hangs)
  - From: bj@zuto.de (Rainer Clasen)

Prev by Date: Re: What slurpd is waiting for?
Next by Date: RE: order of multivalue attributes
Index(es):
- Chronological
- Thread