Hi all,
when I try to add or update the "member"-attribute of a list
(groupOfNames)
containing "many" (i.e. more than 300) members (dn's), the connection
hangs and the list is not being modified:
my $result = $ldap->modify( $list->dn, replace=> {member=>
[EMAIL PROTECTED] ); # hangs if there are "too many" members
- without encryption, the problem does *not* occur.
- I don't receive any error message. The connection just hangs until
timeout.
- when I try to update the same list with less members, everything
works fine.
- the SSL-connection itself works fine, I can do searches and updates
without any problem
- working with start_tls instead of Net::LDAPS does not solve the
problem
I use Perl v5.8.8 built for i686-linux-thread-multi and the latest
version of NET::LDAP (0.34) and the underlying modules
IO::Socket::SSL (1.06),
Net::SSLeay (1.30). I also tried it with Perl, v5.8.6 built for
darwin-thread-multi-2level
from an OSX machine but the problem remains.
Here is end of the debug output of a working example (292 members):
----------------------------------------------------------------
[...]
65 74 68 7A 2C 63 3D 63 68 04 37 63 6E 3D 7A 73 ethz,c=ch.7cn=zs
74 65 70 68 61 6E 2C 6F 75 3D 75 73 65 72 73 2C tephan,ou=users,
6F 75 3D 6E 65 74 68 7A 2C 6F 75 3D 69 64 2C 6F ou=nethz,ou=id,o
75 3D 61 75 74 68 2C 6F 3D 65 74 68 7A 2C 63 3D u=auth,o=ethz,c=
63 68 04 35 63 6E 3D 7A 63 61 72 6C 6F 2C 6F 75 ch.5cn=zcarlo,ou
3D 75 73 65 72 73 2C 6F 75 3D 6E 65 74 68 7A 2C =users,ou=nethz,
6F 75 3D 69 64 2C 6F 75 3D 61 75 74 68 2C 6F 3D ou=id,ou=auth,o=
65 74 68 7A 2C 63 3D 63 68 __ __ __ __ __ __ __ ethz,c=ch
Net::LDAPS=HASH(0x9a1b590) received:
30 0C 02 01 05 67 07 0A 01 00 04 00 04 00 __ __ 0....g........
Net::LDAPS=HASH(0x9a1b590) sending:
30 05 02 01 06 42 00 __ __ __ __ __ __ __ __ __ 0....B.
----------------------------------------------------------------
Here same example with just 1 more member (293 members):
----------------------------------------------------------------
[...]
65 74 68 7A 2C 63 3D 63 68 04 37 63 6E 3D 7A 73 ethz,c=ch.7cn=zs
74 65 70 68 61 6E 2C 6F 75 3D 75 73 65 72 73 2C tephan,ou=users,
6F 75 3D 6E 65 74 68 7A 2C 6F 75 3D 69 64 2C 6F ou=nethz,ou=id,o
75 3D 61 75 74 68 2C 6F 3D 65 74 68 7A 2C 63 3D u=auth,o=ethz,c=
63 68 04 35 63 6E 3D 7A 63 61 72 6C 6F 2C 6F 75 ch.5cn=zcarlo,ou
3D 75 73 65 72 73 2C 6F 75 3D 6E 65 74 68 7A 2C =users,ou=nethz,
6F 75 3D 69 64 2C 6F 75 3D 61 75 74 68 2C 6F 3D ou=id,ou=auth,o=
65 74 68 7A 2C 63 3D 63 68 04 36 63 6E 3D 7A 61 ethz,c=ch.6cn=za
62 6B 61 72 64 2C 6F 75 3D 75 73 65 72 73 2C 6F bkard,ou=users,o
75 3D 6E 65 74 68 7A 2C 6F 75 3D 69 64 2C 6F 75 u=nethz,ou=id,ou
3D 61 75 74 68 2C 6F 3D 65 74 68 7A 2C 63 3D 63 =auth,o=ethz,c=c
68 __ __ __ __ __ __ __ __ __ __ __ __ __ __ __ h
(connection hangs)
----------------------------------------------------------------
Somehow there seems to be a problem with the length of data being
transmitted.
We used the same code for years, without any problem, it stopped
working about
two months ago. Maybe an update of Perl, a module or OpenSSL is
causing the trouble?
Does anybody have any clue how to track this bug?
Cheers, Swen
