URL: https://github.com/SSSD/sssd/pull/67 Title: #67: UTIL: Unset O_NONBLOCK for ldap connection
lslebodn commented: """
Could you explain what is the interaction between sssd and gnutls? Do you pass the fd (which was set to non-blocking) or so to gnutls?
There is no direct interaction/usage between sssd and gnutls. It's done indirectly via libldap:
1. A SOCK_STREAM socket is created by sssd
2. O_NONBLOCK is set on this socket
3. sssd creates a connection to the ldap server (using the connect syscall)
4. The created socket descriptor is passed to `ldap_init_fd` for initialisation of the ldap handler, which is used for any libldap operations.
5. If sssd is configured with ldap authentication then sssd tries to bind to the ldap server as the user. Underneath, libldap will start_tls because we do not want to pass an unencrypted password via the network

Before sssd-1.14.0 we were unsetting O_NONBLOCK before the 4th step.
BTW these 5 steps work well with sssd-1.14 if libldap is compiled with openssl or moznss """
See the full comment at https://github.com/SSSD/sssd/pull/67#issuecomment-256615534
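The ordering described in the comment, with O_NONBLOCK cleared between the connect and the hand-off to `ldap_init_fd`, as an added example that is not SSSD's own code. The helper names `set_nonblock` and `connect_then_block` are hypothetical, the `ldap_init_fd` call is left as a comment so the block builds without libldap, and a constructed local AF_UNIX listener stands in for the LDAP server.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Set or clear O_NONBLOCK on fd; returns 0 on success, -1 on error. */
static int set_nonblock(int fd, int on)
{
    int fl = fcntl(fd, F_GETFL);
    if (fl == -1) return -1;
    fl = on ? (fl | O_NONBLOCK) : (fl & ~O_NONBLOCK);
    return fcntl(fd, F_SETFL, fl);
}

/* Steps 1-3 plus the flag reset: returns a connected, blocking fd or -1. */
static int connect_then_block(const struct sockaddr *sa, socklen_t len, int timeout_ms)
{
    int fd = socket(sa->sa_family, SOCK_STREAM, 0);        /* step 1 */
    if (fd == -1) return -1;
    if (set_nonblock(fd, 1) == -1) goto fail;               /* step 2 */
    if (connect(fd, sa, len) == -1) {                       /* step 3 */
        if (errno != EINPROGRESS) goto fail;                /* hard failure */
        struct pollfd p = { .fd = fd, .events = POLLOUT };
        int err = 0; socklen_t elen = sizeof(err);
        if (poll(&p, 1, timeout_ms) != 1) goto fail;        /* timeout or poll error */
        if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &elen) == -1 || err) goto fail;
    }
    if (set_nonblock(fd, 0) == -1) goto fail;               /* unset before step 4 */
    return fd;   /* step 4 would pass this fd to ldap_init_fd() */
fail:
    close(fd);
    return -1;
}

int main(void)
{
    /* Constructed peer: a local listener standing in for the LDAP server. */
    struct sockaddr_un a = { .sun_family = AF_UNIX };
    strcpy(a.sun_path, "/tmp/nonblock-demo.sock");
    unlink(a.sun_path);
    int ls = socket(AF_UNIX, SOCK_STREAM, 0);
    if (ls == -1 || bind(ls, (struct sockaddr *)&a, sizeof(a)) || listen(ls, 1)) return 1;
    int fd = connect_then_block((struct sockaddr *)&a, sizeof(a), 1000);
    unlink(a.sun_path);
    return (fd != -1 && !(fcntl(fd, F_GETFL) & O_NONBLOCK)) ? 0 : 1;
}
```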