[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Changing timeouts from a slapd module
- Subject: Changing timeouts from a slapd module
- From: dee heffem <dheffem@gmail.com>
- Date: Tue, 21 May 2019 09:12:23 -0500
- Cc: OpenLDAP Technical <openldap-technical@openldap.org>
- Content-language: en-US
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=cc:references:from:subject:message-id:date:user-agent:mime-version :in-reply-to:content-language:content-transfer-encoding; bh=ZBXnm53Kb0cNJQ632edGjDD/ttuYkJUk8Kb/CqhtBAw=; b=JW5vjjZARq8uwElFyDJS/JfUYXXl3QwjhhHV9ij84q02jaWVVATClhtu7YPdn5zsh5 ZUmnwch0pzDrBi48uDuMxvJUVv8fKfr15/phuD0PLzRGhTprYLQFlVlVCc+6/jEktw3N 42om/YOfrYPxeuppgTiVWo9xEnBIwa8VP6J2dfc/PpPm6dijNji9zEazIc8M8RN4eTll mQ6UmqAnzZGt0Y/vzJ+SISLgDThiqID4eF7yr6OoZ/VYl+qCqJrVgvoPn8UuUppTlHyk qzaDMan+iPD9+IHdPQL6KxCkEFf95lMXTn4NEaXadSSxA1KGZgvgCDpkgSVCSXpp9Qln fReA==
- In-reply-to: <01A83D0402E9486565385086@[192.168.1.39]>
- References: <CAM-t1EaWZ1mmzbtyV-XRxtmyk=6kRbsdYzC7WFLBZv5=F7XBhQ@mail.gmail.com> <87ef51x91g.fsf@pink.fritz.box> <3F66A84DB9D8E99EF5A5825C@192.168.1.39> <CAM-t1EbApGTcNpd6bHSFQEU91OQFDYO0J2UzDSX7RnyMGDPUQg@mail.gmail.com> <87k1esyscr.fsf@pink.fritz.box> <CAM-t1Eak3b+3jB2NTagSVc-JPvW0exqJRZFhkmQ++49AEZ5Q6A@mail.gmail.com> <2B13C8F70A0C725107F0641B@192.168.1.39> <CAM-t1EZYcqYCiNdphAQ23kaMP_wgsyjt0SF=cuwWmaj4SMqjwA@mail.gmail.com> <01A83D0402E9486565385086@[192.168.1.39]>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1
I'm calling a 3rd party 2FA API from within a password module in
OpenLDAP. The 2FA API call sends an SMS push to a mobile device.
If the push does not return a result within 10 seconds, auth
fails with what looks like a socket (tls_read) timeout[1]. What is going
on there and can this timeout be increased if that's what this is?
60 seconds would be more user friendly but after some experimentation
with ldap_set_option() I've not been able to affect the connection
timeout -- if that's what it is.
Thanks
------------------- push timed out ------------------------------
5ce4023e daemon: activity on 1 descriptor
5ce4023e daemon: activity on: 30r
5ce4023e daemon: read active on 30
5ce4023e daemon: epoll: listen=8 active_threads=0 tvp=zero
5ce4023e daemon: epoll: listen=9 active_threads=0 tvp=zero
5ce4023e daemon: epoll: listen=10 active_threads=0 tvp=zero
5ce4023e connection_get(30)
5ce4023e connection_get(30): got connid=1002
5ce4023e connection_read(30): checking for input on id=1002
ber_get_next
tls_read: want=5, got=5
0000: 17 03 03 00 26 ....&
tls_read: want=38, got=38
0000: 00 00 00 00 00 00 00 04 22 93 b3 d6 32 6d 6b c2
........"...2mk.
0010: 1c d2 4b 74 d9 87 8e c2 63 35 02 e4 5e 5f d6 76
..Kt....c5..^_.v
0020: b5 b4 8b d2 04 14 ......
ldap_read: want=8, got=8
0000: 30 0c 02 01 05 60 07 02 0....`..
ldap_read: want=6, got=6
0000: 01 03 04 00 80 00 ......
ber_get_next: tag 0x30 len 12 contents:
ber_dump: buf=0x7efc280008c0 ptr=0x7efc280008c0 end=0x7efc280008cc len=12
0000: 02 01 05 60 07 02 01 03 04 00 80 00 ...`........
5ce4023e op tag 0x60, time 1558446654
5ce4023e connection_input: conn=1002 deferring operation: binding
ber_get_next
tls_read: want=5 error=Resource temporarily unavailable
ldap_read: want=8, got=0
5ce4023e daemon: activity on 1 descriptor
5ce4023e daemon: activity on:
5ce4023e daemon: epoll: listen=8 active_threads=0 tvp=zero
5ce4023e daemon: epoll: listen=9 active_threads=0 tvp=zero
5ce4023e daemon: epoll: listen=10 active_threads=0 tvp=zero