On 28/4/06 7:18, Bart Parliman <firstname.lastname@example.org> wrote:
> In the Net::LDAPS manpage BUGS section there's this ...
> "You cannot have more than one LDAPS connection at any one time,
> due to restrictions in the underlying Net::SSLeay code."
> I've come across a case where I'd really like to query two
> separate servers, both with secure connections. (I can't
> easily query them in batches.)
> Does this limitation apply to using Net::LDAP's start_tls?
It would, yes.
> Does someone know what "at any one time" means. Perhaps one of
Well, I wrote the code (and that documentation) quite a long time ago. The
warning may no longer be correct.
I think the reason behind it was that there was some kind of global context
object used in Net::SSLeay which definitely isn't the sort of thing you'd
want to share between two connections.
But that's just going from memory. A pretty quick glance at the current
Net::SSLeay code doesn't reveal anything like this. Maybe it got fixed, or
maybe I was imagining the problem before.
> - Don't even instantiate two separate objects at the same time
> - Don't try to bind to two separate servers at the same time
> - Don't try two concurrent queries (e.g. not thread safe)
Almost certainly bad. I'm not sure Net::LDAP is thread-safe.
> I'm mainly trying to figure out a known safe way of coding this.
> If possible, I'd like to avoid forking a child to perform queries
> and having to ship data between processes.
That would of course work. However, the warning about Net::SSLeay might now
be bogus, so try out multiple connections...