On Mon, 2 Jun 2008, Rakesh Yadav wrote:
I have written a library using LDAP client API's according to my requirement. I m having RPC clients and a RPC server. This RPC server is multithreaded and uses the library which is written using LDAP client api.
The problem is :
- I have open a single connection with LDAP server and passed the global LDAP * ptr to all my library calls, And i sended a search request from rpc client in a loop, it works and gives the result but as i run second request for reading data from rpc server then i get error from LDAP server "*Broken pipe*".
With libldap, LDAP handles do not support concurrent use. You can use a given handle from multiple threads, but only by one at a time.
Now, libldap_r does support concurrent LDAP handle use in multiple threads, but the processing of replies is effectively single-threaded: if N threads are waiting in ldap_result() for particular responses, none will return until the response is received that is needed by the first thread to call ldap_result(). This is probably not the behavior you want.
- Then i have decided i will use seprate connection with LDAP for each thread and use a local LDAP *ptr for thread. This time multiple requests from rpc client works for 2-3 minutes after that it also gives error. "*ldap_bind :Can't contact LDAP server*" In this case i opened and closed a connection with LDAP server for each thread.
That's the method I recommend. There are two things you need to ensure:
1) you must compile libldap with whatever compiler flags are needed to make the code thread-safe, such as using the per-thread errno.
2) if using TLS/SSL (whether via ldaps or StartTLS), then you need to compile your SSL library to be thread-safe *and* make whatever setup calls are necessary
For example, with OpenSSL you need to call CRYPTO_set_locking_callback() and probably CRYPTO_set_id_callback() too. You may also need to call the CRYPTO_set_dynlock_*_callback() functions; the OpenSSL docs aren't very clear on the subject...
Philip Guenther