Index: docs/manual/mod/mod_ldap.xml =================================================================== --- docs/manual/mod/mod_ldap.xml (revision 151744) +++ docs/manual/mod/mod_ldap.xml (working copy) @@ -340,4 +340,19 @@ + +LDAPConnectionTimeout +Specifies the socket connection timeout in seconds +LDAPConnectionTimeout seconds +server config + + +

Specifies the timeout value (in seconds) in which the module will + attempt to connect to the LDAP server. If a connection is not + successful with the timeout period, either an error will be + returned or the module will attempt to connect to a secondary LDAP + server if one is specified. The default is 10 seconds.

+ + + Index: modules/experimental/util_ldap.c =================================================================== --- modules/experimental/util_ldap.c (revision 151744) +++ modules/experimental/util_ldap.c (working copy) @@ -1330,7 +1330,31 @@ return(NULL); } +static const char *util_ldap_set_connection_timeout(cmd_parms *cmd, void *dummy, const char *ttl) +{ + util_ldap_state_t *st = + (util_ldap_state_t *)ap_get_module_config(cmd->server->module_config, + &ldap_module); + const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY); + if (err != NULL) { + return err; + } + +#ifdef LDAP_OPT_NETWORK_TIMEOUT + st->connectionTimeout = atol(ttl); + + ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server, + "[%d] ldap connection: Setting connection timeout to %ld seconds.", + getpid(), st->connectionTimeout); +#else + ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, cmd->server, + "LDAP: Connection timout option not supported by the LDAP SDK in use." ); +#endif + + return NULL; +} + void *util_ldap_create_config(apr_pool_t *p, server_rec *s) { util_ldap_state_t *st = @@ -1347,6 +1371,7 @@ st->cert_auth_file = NULL; st->cert_file_type = LDAP_CA_TYPE_UNKNOWN; st->ssl_support = 0; + st->connectionTimeout = 10; return st; } @@ -1379,6 +1404,7 @@ void *data; const char *userdata_key = "util_ldap_init"; + struct timeval timeOut = {10,0}; /* 10 second connection timeout */ /* util_ldap_post_config() will be called twice. Don't bother * going through all of the initialization on the first call @@ -1603,6 +1629,20 @@ "LDAP: SSL support unavailable" ); } +#ifdef LDAP_OPT_NETWORK_TIMEOUT + if (st->connectionTimeout > 0) { + timeOut.tv_sec = st->connectionTimeout; + } + + if (st->connectionTimeout >= 0) { + rc = ldap_set_option(NULL, LDAP_OPT_NETWORK_TIMEOUT, (void *)&timeOut); + if (APR_SUCCESS != rc) { + ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, + "LDAP: Could not set the connection timeout" ); + } + } +#endif + return(OK); } @@ -1667,6 +1707,11 @@ " DER_FILE - file in binary DER format " " BASE64_FILE - file in Base64 format " " CERT7_DB_PATH - Netscape certificate database file "), + + AP_INIT_TAKE1("LDAPConnectionTimeout", util_ldap_set_connection_timeout, NULL, RSRC_CONF, + "Specifies the LDAP socket connection timeout in seconds. " + "Default is 10 seconds. "), + {NULL} }; Index: include/util_ldap.h =================================================================== --- include/util_ldap.h (revision 151744) +++ include/util_ldap.h (working copy) @@ -126,6 +126,7 @@ /* cache ald */ void *util_ldap_cache; char *lock_file; /* filename for shm lock mutex */ + int connectionTimeout; } util_ldap_state_t;