Am Mittwoch 06 Mai 2009 11:27:29 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Am Dienstag 05 Mai 2009 22:48:10 schrieb Howard Chu:
> > Something like proposed in ITS#5133? It seems that it was rejected with a
> > reference to the enablement of SO_KEEPALIVE, though. Should we revisit
> > that?
>
> Seems like it, yes.
Btw, you mentioned that sending Abandon 0 will be sufficient as a no-op. How's
that going to work?
[..]
> > I havn't had a good idea yet how to easily fix this case, apart from
> > leveraging TCP keepalives.
> >
> > (According to the docs, SSL_read() would return SSL_ERROR_WANT_READ when
> > the underlying BIO is non-blocking. But we're using blocking IO. I am
> > unsure how much effort it would be to port that to non-blocking. I'd
> > think it's a non- trivial task ;)).
>
> I don't think there's any particular dependencies left in our code in this
> regard; ber_get_next() can be called as many times as necessary to retrieve
> a complete message. All of our input is triggered by select/poll/etc.
> What's less clear is how well OpenSSL actually behaves with non-blocking
> sockets; there are a lot of bug reports on that as I recall. You interested
> in testing that?
Apart from the usual time-constraints, I am not too keen on that. ;)
> I guess, in the absence of a better solution, go ahead with what you've
> already worked up. We'll just have to document somewhere (Admin Guide I
> suppose) that a system's TCP keepalive setting may need to be adjusted if
> not on Linux...
I just submitted the libldap part, will see how/if I can work out the syncrepl
part later. I need to finish some other stuff first.
--
regards,
Ralf
