I have already added a new directive to util_ldap called
LDAPConnectionTimeout (
http://httpd.apache.org/docs-2.1/mod/mod_ldap.html#ldapconnectiontimeout
) which allows util_ldap to set the network timeout through

rc = apr_ldap_set_option(p, NULL, LDAP_OPT_NETWORK_TIMEOUT,
                                 (void *)&timeOut, &(result_err));

The default is 10 seconds, but this directive will allow the
administrator to set it to whatever they want.  See the STATUS file
backport entry (svn rev 126565).  This should be a much cleaner way to
handle connection timeouts although I think that the whole connection
pool itself should be converted to using apr_reslist_*.   

I have also considered adding a similar directive to set the search
timelimit (LDAP_OPT_TIMELIMIT), but I haven't decided if just setting a
global time limit is a good thing or not.  It seems like this should be
more of a per-request type of setting and also really depends on the
size of the LDAP context that is being searched.

thoughts?

Brad



>>> [EMAIL PROTECTED] Tuesday, February 01, 2005 8:55:24 AM >>>
Jess Holle said:

> I don't have a vote, but I believe the socket timeout configuration
is
> necessary to address issues seen with firewall timeouts and the LDAP
> connections held open by Apache.

Is there an outstanding patch for this yet?

The right way to solve this problem is to allocate the LDAP connection
pool using apr_reslist_*, which handles things like connection
timeouts
for us.

If this code exists already, then I'm keen to get it in ASAP, and if
the
code doesn't exist I should have time to fix it after tomorrow.

Regards,
Graham
--

Reply via email to