X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; q=dns; s=
	default; b=c2Bhs891HOmEN5KlznnTNmZ0cc5ZYZKDHwVDHV3ogK8usWAolo1ls
	kbkw4iGLPUWeufq1U9JrKAWht8uy4Pej7FmuN+WDqhDvrEm+lIKAX3Tz41TsoJQV
	xToLUuiFLgHCQrWEzzwaxsAzyVrqayHCFMmKmljR7k46R+DVG39yj0=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:date:from:to:subject:message-id:reply-to
	:references:mime-version:content-type:in-reply-to; s=default;
	 bh=V3qTnMzKnBjSVhD7ekfcE2WtXrE=; b=Fk7LuYdGNz0FGJU5LVNfqftdp1lE
	7UYTajNDYHpii+Y7cVpvK1mGW2jmGdZ7l9En24FOsaQ3dQg00G5MubIMslFUKopM
	5KKObc4+/Gg9NRhLiL86Uxxa8QWAisrHeKBI9Gh+f5FoSDdd7OTdhFRN2TSR7fGF
	RuohdA4chZOvsbg=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-5.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.3.2
X-HELO: calimero.vinschen.de
Date: Wed, 18 Jun 2014 20:01:02 +0200
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: timeout in LDAP access
Message-ID: <20140618180102.GA27055@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <F312783D-AD66-4614-922B-E44403C7E372 AT Denis-Excoffier DOT org> <20140617100011 DOT GL23700 AT calimero DOT vinschen DOT de> <C462E4F3-1E51-46DC-BD27-BC4786A5E8BB AT Denis-Excoffier DOT org> <20140618083304 DOT GV23700 AT calimero DOT vinschen DOT de>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;	protocol="application/pgp-signature"; boundary="bg08WKrSYDhXBjb5"
Content-Disposition: inline
In-Reply-To: <20140618083304.GV23700@calimero.vinschen.de>
User-Agent: Mutt/1.5.23 (2014-03-12)

--bg08WKrSYDhXBjb5
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Jun 18 10:33, Corinna Vinschen wrote:
> On Jun 18 00:41, Denis Excoffier wrote:
> > On 2014-06-17 12:00, Corinna Vinschen wrote:
> > > I'm wondering if the timeout, at least for enumerating accounts, shou=
ld
> > > go away entirely.  In case of a connection problem this could result =
in
> > > a hang for about 2 minutes by default I think (LDAP_OPT_PING_LIMIT).
> > I think i like this (it it works). But in this case, it will not resume
> > to the next domain, and the whole operation (eg getent) is interrupted?
>=20
> I don't quite understand the question.  All LDAP operations have a
> default timeout of 2 minutes if LDAP_OPT_TIMEOUT is not set.  The
> operations we're doing here are pretty simple ones, the bunch of 100
> SIDs per getpwent LDAP call is a really small dataset (about 4K bytes)
> of indexed data, which should be readily available.  And there's a
> certain (not Cygwin-specific) expectation that a simple LDAP operation
> is fast.
>=20
> Assuming the server takes more than just 3 seconds to reply to
> a single request for some reason, let's say 30 seconds.  The call will
> result in a laming output of getent, of course, but it would have no
> other consequences.  If the server needs actually more than two minutes
> to reply, and doesn't return a ping either, the timeout is a very likely
> indication that we have network problems, or the server is down.
> In that case, the normal code path applies.  The connection with the
> server will be closed and we try the next domain.
>=20
> The idea I was proposing was just to drop all attempts to seconds guess
> how fast a DC replies.  We're going to use LDAP with default settings
> and that's it.  Default settings means, every operation times out after
> the default timeout period of 120 seconds, which should really be
> sufficient.

I'm not quite sure I understand the effect of all the timeout values in
LDAP entirely correctly and the API documentation leaves quite a bit to
be desired.

For the time being I raised the timeout to 30 seconds, and colons in
the gecos field are converted to semicolons.  I uploaded a new developer
snapshot to http://cygwin.com/snapshots/  Please give it a try.


Thanks,
Corinna

--=20
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Maintainer                 cygwin AT cygwin DOT com
Red Hat

--bg08WKrSYDhXBjb5
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJTodPeAAoJEPU2Bp2uRE+gIs0P/1AI8Igxu6vY7zhBPghqJWJQ
S0+pcLIYaiLNooiguUblh26g8+SjP16fkTyjwCEWFcswbf+j3cs7omydOYMwOWQw
JIibQ4gZI7tnN4jTnp0FUWJX86Rr4c1U4mt02pcOiYPzOYx8iR+thIyrZaP8dwvx
f+twV9hvXq2681Qa7/GaRFqaEcinRkr+KmmhvvcQJVJq6msj7ATUGmXAJ5O52vq5
qMmhDqw//PKimLXUssCx7SYTnkl+1GqEn5ioFsmQeuT7sJpOAJL6T9YdlhkSWyJF
FgyxD+UfRoD21ytFcu5esZq9FIaG8ARF+iP338f4uHs1e0J+oBqz5BjYmL9T8dRV
ppVDJc6xMJLkAyAELkJrpqTFWyzwBjITetisNNHqvXA7K0Ka8YenSvbWEB8gFxIf
oXvPA9u28BERw4WOfpuXjg10TTuspbtMtI0iTYVU9UE1mFNew/C19iHieplbA+fd
PAMopod6H7mXOltrhfpa7TGoIo0Um2sRxsSRZNsL3sjiEtC8KJ0BN4DZ1FP4d1tW
c8H0ZPs8ObYdotG+oV2pRpfMeavuToPWwsVCmkmcGX/huVzQN0aEBNx/3yz1R5GA
wI9TjaiL/prVeMmXX/ebzMOj6KaSefCFya9iEik3PkjwE8z3oz6kK5Wc9seL97Ho
I59ItyyaefC/PZa9l8d3
=1V34
-----END PGP SIGNATURE-----

--bg08WKrSYDhXBjb5--