| Author |
Message |
|
| Guest |
 Posted: Thu Jan 28, 2010 8:01 am |
 |
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Thu Jan 28, 2010 9:31 am |
|
|
|
Guest
|
Chih-Wei Yu wrote:
> Hi,
>
> We're running YAWS-1.75 with 12B-5 with SSL. Platform is Solaris
> 10 T5220. The problems experienced is a build up of TCP sockets in IDLE
> state (unbound sockets). There is connections in and out but everynow
> and then IDLE sockets just build up. Now what is seen is that the
> ssl_esock process (driver) are not closing these sockets. The sockets is
> both created for incoming connections as well as connection between the
> ssl_esock and Erlang. Has anyone experience this problem.
Hmmm some bells ringing but I don't exactly recall. I'm certain
I've heard this before but I don't remember the specifics.
Maybey the Kreditor folks know ??? - they run an awful lot of ssl
traffic.
>
> Another question is if YAWS will be using the new implementation of SSL
> in Erlang?
>
I've tried the new ssl implementation a couple of times, and now redid
that test using R13B03 - and I can't get it to work.
I tried it the the first time over a a year ago. To enable again it's just
--- a/src/yaws_server.erl
+++ b/src/yaws_server.erl
@@ -863,8 +863,8 @@ ssl_listen_opts(GC, SSL) ->
if ?gc_use_old_ssl(GC) ->
false;
true ->
- %%{ssl_imp, new} - still doesn't work (R13B)
- false
+ {ssl_imp, new} %% - still doesn't work (R13B)
+ %false
end
This time it worked better though - but still no go. Not yet working.
It would be great if it worked though since the esock thing has had several
(hard to find bugs) over the years and it's also much more efficent to
process the ssl proto inside the beam.
/klacke
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Erlyaws-list mailing list
Erlyaws-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/erlyaws-list
Post received from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Thu Jan 28, 2010 10:00 am |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Thu Jan 28, 2010 10:09 am |
|
|
|
Guest
|
Chih-Wei Yu wrote:
> Hi,
>
> Processing the ssl proto inside erlang does sound like a better option
> and would make debugging easier as well. Problem currently is that its
> hogging file descriptors and there's no way to clean it up unless
> restarting the whole runtime.
Indeed - It'll require you to go to the latest OTP ssl code though.
However, I couldn't get it to work with yaws when I tried it today.
I'm not sure what went wrong - I just reapplied the patch I posted
and tried. Maybe there is some other ssl trickery that needs to be applied
in order to use the new ssl impl.
I can't look at this exactly right now, so if you want immediate progress
here you'll have to do some digging yourself.
/klacke
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Erlyaws-list mailing list
Erlyaws-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/erlyaws-list
Post received from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Thu Jan 28, 2010 3:52 pm |
|
|
|
Guest
|
Thank you for your assistance, i'll have to dig quite some bit before i get to the other side. =)
|
|
|
| Back to top |
|
| Guest |
| Posted: Thu Jan 28, 2010 7:56 pm |
|
|
|
Guest
|
Hi,
We experienced the problems Tomas described in this post (started by
you it seems?):
http://thread.gmane.org/gmane.comp.lang.erlang.general/41881
I'm not aware of any solution though, other than that the problem (at
least partially) initiated the implementation of the new ssl. What
you're seeing now, is that the same issue (enoproxysocket) outlined in
the above post?
Myself, I'd see if I could get the new ssl up to speed with yaws,
since it'd be a lot easier to troubleshoot and build upon (when/if
needed). Unfortunately I don't have that much high volume, stress
test experience to say how it fares in a production (like) environment
though. I'll leave that for someone else to comment upon.
Kind Regards,
Klas
2010/1/28 Chih-Wei Yu <chewy.cw.yu@gmail.com>:
> Thank you for your assistance, i'll have to dig quite some bit before i get
> to the other side. =)
>
> Regards,
> Chih-Wei Yu
>
> 2010/1/28 Claes Wikstr |
|
|
| Back to top |
|
| Guest |
| Posted: Thu Jan 28, 2010 9:39 pm |
|
|
|
Guest
|
Klas Johansson wrote:
> Hi,
>
> We experienced the problems Tomas described in this post (started by
> you it seems?):
> http://thread.gmane.org/gmane.comp.lang.erlang.general/41881
>
> I'm not aware of any solution though, other than that the problem (at
> least partially) initiated the implementation of the new ssl. What
> you're seeing now, is that the same issue (enoproxysocket) outlined in
> the above post?
Good input - thanks
>
> Myself, I'd see if I could get the new ssl up to speed with yaws,
> since it'd be a lot easier to troubleshoot and build upon
Agree completely - but as I said - I don't have the time to
investigate this now.
/klacke
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Erlyaws-list mailing list
Erlyaws-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/erlyaws-list
Post received from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Mon Feb 01, 2010 8:20 am |
|
|
|
Guest
|
Chih-Wei Yu wrote:
> Thank you for your assistance, i'll have to dig quite some bit before i
> get to the other side. =)
>
Good news - I did some digging here, and commit:
http://github.com/klacke/yaws/commit/d4fec792ddc73f475514fbf41974a05d65a801aa
Seems to make the new ssl implementation work.
It probably needs spme more testing with things like
error codes on bad certs client certs etc - but the basics work.
You should be able to patch the above into slightly old yaws
releases as well. I attach a regular diff as well
Good luck
/klacke
Post received from mailinglist |
|
|
| Back to top |
|
| Guest |
| Posted: Mon Feb 01, 2010 4:14 pm |
|
|
|
Guest
|
|
| Back to top |
|
| Guest |
| Posted: Mon Feb 01, 2010 9:20 pm |
|
|
|
Guest
|
Chih-Wei Yu wrote:
>
> Thanks for the patch. I assume this will be in the next release of YAWS.
yes,
/klacke
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Erlyaws-list mailing list
Erlyaws-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/erlyaws-list
Post received from mailinglist |
|
|
| Back to top |
|
|
|
All times are GMT
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum
|
|
|
Digg It
Del.icio.us
Reddit
Facebook
Stumble Upon
Technorati
