Re: Changing timeouts from a slapd module
On 5/21/19 4:12 PM, dee heffem wrote:
I'm calling a 3rd party 2FA API from within a password module in
OpenLDAP. The 2FA API call sends an SMS push to a mobile device.
If the push does not return a result within 10 seconds, auth
fails with what looks like a socket (tls_read) timeout[1]. What is going
on there and can this timeout be increased if that's what this is?
60 seconds would be more user friendly but after some experimentation
with ldap_set_option() I've not been able to affect the connection
timeout -- if that's what it is.
Is your overlay processing a single bind operation?
AFAIK the slapd worker thread is blocked for the whole processing time
of a single bind operation. Thus I have some doubts that you want to
implement an auth mechanism with such asynchronous characteristics in an
overlay.
Ciao, Michael.