>>> "Tero Saarni" <[email protected]> schrieb am 26.11.2020 um 09:48 in Nachricht <[email protected]>: > Hi, > > I understood from slapd-ldap(5) description of "idle-timeout" that cached > connections towards remote LDAP server would be automatically dropped after > <time> seconds. > > Problem: cached connections that are idle do not get dropped.
It may depend on the version, but for us it worked. How did you check that it doesn't work? > > Questions: > > (1) Is this expected? > > (2) Are idle connections kept due to limitation in the implementation: > when connection is idle, back-ldap does not have a trigger that could be > used > to drop idle connections? > > Background: > > While experimenting with this, it seems that idle timeout is only checked > when > there is new activity towards the cached connection i.e. connection needs to > become active before idle timeout is checked. If the connection just > remains > idle, nothing will happen. > > I'm trying to study the timeout handling in back-ldap code, and I believe I > found relevant code at the end of ldap_back_getconn() in bind.c. It will > eventually trigger unbind and disconnect, but only when new activity happens > after the idle period is reached. I did not find other paths that could > trigger unbind of cached connection. > > -- > Tero
