cURL / Mailing Lists / curl-library / Single Mail


RE: openldap loops forever

From: Patrick Monnerat <>
Date: Thu, 21 Jan 2016 14:12:27 +0000

Patrick Monnerat wrote:
> I have just discovered a regression in curl ldap handling via openldap.c module:
> The transfer is OK, but the end is not detected and curl loops forever.

I've found the problem, though I did not resolve it.

By default, openldap API now searches in referrals too. This is achieved by opening secondary socket descriptors (internal to the openldap API). These secondary descriptors are NOT monitored by curl's poll system and thus, data available on these never trigger calls to ldap_recv() resulting in an endless stalled dialog.

Of course, this only occurs if there are referrals in the primary result set.

One very easy solution would be to disable automatic referrals chasing (LDAP_OPT_REFERRALS LDAP_OPT_OFF). The drawback would be we will not receive entries from referrals.

Else we should deal with multiple socket descriptors for a single easy channel. I don't know if this is currently possible (pipelining?). Since there is no ldap API to get secondary socket descriptors and because these sockets' binds do not respect the primary socket's bind, it should probably be necessary to process referrals chasing in the curl module rather than automatically... lots of code to update or write.

Comments are welcome!

List admin:
Received on 2016-01-21