On Mon, Dec 21, 2009 at 11:54:25AM +1100, Russell Coker wrote: > Package: perdition > Version: 1.17.1-2 > Severity: normal > > I have Perdition running on an AMD64 system. Here is what happens with an > idle port 110 session: > # date ; telnet server0 110 ; date > Sun Dec 20 23:30:34 GMT 2009 > Trying 10.0.0.21... > Connected to server0. > Escape character is '^]'. > +OK POP3 Ready server0 0001d0b1 > Connection closed by foreign host. > Mon Dec 21 00:00:34 GMT 2009 > > The default timeout is 1800s, and port 110 is working exactly as desired. > > Here is what happens with a port 995 session: > # date ; telnet server0 995 ; date > Sun Dec 20 23:30:40 GMT 2009 > Trying 10.0.0.21... > Connected to server0. > Escape character is '^]'. > > The session does not get closed. It's now 51 minutes past the time when the > session should have timed out, and it shows no signs of ending. > > Due to some problems with clients I have some sessions that last for weeks > with no activity - apparently due to this problem. This wouldn't be a > problem if it was only a few sessions, but I can get 500+ connections to a > single server in that state and swap starts being used.
Hi Russell, In the case of the test that you ran above it looks like the code is waiting forever inside the openssl call SSL_accept() which is made in __perdition_ssl_connection(). The timeouts in perdition actually only operate on select() and pre-date the introduction of SSL. I'm scratching my head for a fix for this one. Any suggestions would be welcome. I'm hoping not to have to resort to setitimer(). -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
