Re: client timeouts [was: Re: multiple servers in DNS and TLS]

Philip Guenther guenther+ldapsoft@sendmail.com wrote:

Nope. TIMELIMIT just sets the default for the value passed to the server in the search request. There's no option for setting a default timeout to be used by the ldap_result() call. What's more, there's no API of any sort for putting a timeout on TLS/SSL negotiation.

A long-lived program that needs to impose a time limit on LDAP operations that may include using ldap_starttls_s() or opening an ldaps URL basically has to do so in one thread or process and do the timing out in a separate thread or process.

(Or reimplement that part of the OpenLDAP API, I suppose.)

So how do you build a failover mechanism? Because it's something that can be done, right?