I am still struggling with this - debug logs only seem to stay around for a couple of minutes and then get removed and I always seem to miss the crucial conversation - if there is a way to make the log remain longer I would be glad of the secret.
However - I have been running more tests, and I have tracked one failed connection, it proceeded in what looked to my unpracticed eye good order until it did a state reset - I am loath to clutter the list with log dumps, but the last couple of lines might show what I mean by that 7 Apr 09 13:12:07 <IO::Socket::SSL=GLOB(0x7054984) HASH(0x70c3d14) l=269> 7 Apr 09 13:12:07 <wrote: (269)<long text>> 7 Apr 09 13:12:07 <6> 7 Apr 09 13:12:07 <50> 7 Apr 09 13:12:07 <8> 7 Apr 09 13:12:07 <2> 7 Apr 09 13:12:07 <doing <MAIL FROM:<ag...@ukex12.pur3.net> SIZE=37972>> 7 Apr 09 13:12:07 <15> 7 Apr 09 13:12:07 <gl: <MAIL FROM:<ag...@ukex12.pur3.net> SIZE=37972>> 7 Apr 09 13:12:07 <stateReset> I am running ASSP Version: 1.5.1.2(0.0.03) on Windows with active state PERL 5.10.0 IO::SOCKET::SSL is at version 1.22 which is the latest I could find in a repository shown as working with Windows. I am starting to loose the ability see for staring at log files so any help would be gratefully received - I'll even let you tell me how daft I am if it points me closer to the fix Thanks Kevin -----Original Message----- From: Kevin Lawry [mailto:kevin.la...@ndfs.co.uk] Sent: 07 April 2009 10:30 To: ASSP development mailing list Subject: Re: [Assp-test] 1.5.1.2 - Many Connection Idle - timeout Alan Sadly my testing does not bear out your findings - let me run you through my methodology just to make sure that I am not misleading you I am using Thunderbird to connect directly to the world facing port of my assp server - it is configured to send using TLS only (and prompts me about the certificate every send) I have sent plain text e-mails to my internal address - I have a text file containing 1024 # symbols which I copy and paste into the body text I have sent mails with 1, 2, 4, 6, 8, and 21 sets, which with carriage returns etc come to slightly more than that value in k when delivered - all made it through without problem. I did notice hoever that a small number of times the mail failed to send at all if it clashed with another conversation that was in progress. Kevin -----Original Message----- From: Alan McNeil [mailto:a9...@mac.com] Sent: 06 April 2009 18:33 To: ASSP development mailing list Subject: Re: [Assp-test] 1.5.1.2 - Many Connection Idle - timeout Kevin, I've spent 20 hours of work debugging this situation at the packet level. Try testing with emails that are at least 2K long in the body for your tests. See if that give you 100% failures. If it does it would give me confirmation of my detective work. In my setup, all short (<1000 char) emails work all long ones fail with SSL/TLS. It seems that something is unreliable with ASSP/IO::Socket::SSL/SSLeay chain when the DATA section of the message is more than one packet (about 1458 bytes). The certificate is not likely the issue since you have gotten some email to work. I we have self signed certs and the mail clients all ask what to do when contacting the server the first time. Alan On Apr 6, 2009, at 10:00 AM, J.R. Oldroyd wrote: > On Mon, 6 Apr 2009 16:31:27 +0100, "Kevin Lawry" <kevin.la...@ndfs.co.uk > > wrote: >> >> Is there any way (other than by quizzing the senders sys-op) of >> knowing >> if it _is_ key verification that is the problem - I would happily >> spend >> the money if it would fix things but I would need to provide a cost >> justification to my boss. >> > You have already indicated the problem is intermittent for the > same clients. That strongly suggests they're not verifying keys > else the problem would happen all the time. > > There isn't an easy way for you to tell if they are verifying, > though. But I would imagine that a well-designed client that is > verifying and saw a verification failure would then close the > connection cleanly, rather than abandoning it and letting it > timeout. > > More likely a low-level problem. > > Shop around for certificate signing agencies, by the way. Not all > are expensive: some are even free. I doubt you have a key > verification > problem, though. Most email systems don't verify. > > -jr > > ------------------------------------------------------------------------ ------ > _______________________________________________ > Assp-test mailing list > Assp-test@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------ ------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------ ------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test ------------------------------------------------------------------------------ This SF.net email is sponsored by: High Quality Requirements in a Collaborative Environment. Download a free trial of Rational Requirements Composer Now! http://p.sf.net/sfu/www-ibm-com _______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
