[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-technical
Subject:    Re: SSL timeout
From:       Howard Chu <hyc () symas ! com>
Date:       2023-05-22 16:15:23
Message-ID: 7b2a28a3-dbe5-9f9e-33c7-971ece645386 () symas ! com
[Download RAW message or body]

Robert T Dunn wrote:
> We are experiencing a problem with SSL timeout as reported with issue 8047: \
> https://bugs.openldap.org/show_bug.cgi?id=8047

> Our issue is when the LDAP client does an SSL connect to establish the TLS session \
> with the remote server. If the SERVER_HELLO returned from the remote server takes a \
> significant amount of time or does not come back from the server at all (for \
> example, someone unplugged the server), the LDAP client connection DOES NOT \
> timeout, and there are no LDAP configuration options to force the session to \
> timeout. So, the LDAP client connection is effectively hung forever. Issue 8047 \
> reported the SSL timeout issue, but the issue’s status is still UNCONFIRMED.   Are \
> there any plans to correct this problem in future versions of LDAP Client?

As noted in this reply https://bugs.openldap.org/show_bug.cgi?id=8047#c5

This is not ours to fix; the underlying TLS libraries must provide async connection \
support.
> 
> 
> 
> 
> 
> Thanks,
> 
> Rob Dunn
> 
> 
> IBM z/TPFDF development
> 
> email:   strmbrgr@us.ibm.com <mailto:strmbrgr@us.ibm.com>
> phone: (845) 433-1312
> 
> 
> 


-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/


[prev in list] [next in list] [prev in thread] [next in thread]