Content-Type: text/plain; charset="UTF-8"
On Wed, 2010-10-13 at 14:17 -0700, Howard Chu wrote:
It seems you can workaround this by changing tls_g.c's invocation
gnutls_bye() to use GNUTLS_SHUT_WR instead of GNUTLS_SHUT_RDWR. However, =
strikes me as fundamentally wrong, since libldap is clearly closing
directions when it gets here. I think the bug is in gnutls_bye(), it
be waiting indefinitely when it tries to read the peer's Close
sure it should even be trying to read that at all; some peers may
I can't comment on the GnuTLS API because I haven't used it before. Can
you file a bugreport with GnuTLS? Do you need any more input from my
Note that because you're breaking the connection without warning,
know that the connection is gone, so there will be no error detected
gnutls attempts to send its own Close alert. In this case, it will
block for 2*MSL before getting any further.
In my tests I haven't waited that long (I think). Do you know if there
are any problems with using setsockopt(SO_RCVTIMEO) and
setsockopt(SO_SNDTIMEO) on the socket?
-- arthur - arthur(a)arthurdejong.org - http://arthurdejong.org
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----