I have already added a new directive to util_ldap called LDAPConnectionTimeout ( http://httpd.apache.org/docs-2.1/mod/mod_ldap.html#ldapconnectiontimeout ) which allows util_ldap to set the network timeout through
rc = apr_ldap_set_option(p, NULL, LDAP_OPT_NETWORK_TIMEOUT, (void *)&timeOut, &(result_err)); The default is 10 seconds, but this directive will allow the administrator to set it to whatever they want. See the STATUS file backport entry (svn rev 126565). This should be a much cleaner way to handle connection timeouts although I think that the whole connection pool itself should be converted to using apr_reslist_*. I have also considered adding a similar directive to set the search timelimit (LDAP_OPT_TIMELIMIT), but I haven't decided if just setting a global time limit is a good thing or not. It seems like this should be more of a per-request type of setting and also really depends on the size of the LDAP context that is being searched. thoughts? Brad >>> [EMAIL PROTECTED] Tuesday, February 01, 2005 8:55:24 AM >>> Jess Holle said: > I don't have a vote, but I believe the socket timeout configuration is > necessary to address issues seen with firewall timeouts and the LDAP > connections held open by Apache. Is there an outstanding patch for this yet? The right way to solve this problem is to allocate the LDAP connection pool using apr_reslist_*, which handles things like connection timeouts for us. If this code exists already, then I'm keen to get it in ASAP, and if the code doesn't exist I should have time to fix it after tomorrow. Regards, Graham --