Strange SSL slowdown

Sebastian Hagedorn Hagedorn at uni-koeln.de
Tue Mar 11 05:26:42 EST 2003


Hi,

we are experiencing a strange slowdown of SSL/TLS connections to POP and 
IMAP. This is our setup:

[root at lvr1 root]# cyradm --user cyrus cyrus
Password:
cyrus.rrz.uni-koeln.de> ver
name       : Cyrus IMAPD
version    : v2.1.12-Invoca-RPM-2.1.12-3 2003/02/03 20:43:58
vendor     : Project Cyrus
support-url: http://asg.web.cmu.edu/cyrus
os         : Linux
os-version : 2.4.9-e.12enterprise
environment: Cyrus SASL 2.1.12
             Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001)
             OpenSSL 0.9.6b [engine] 9 Jul 2001
             CMU Sieve 2.2
             TCP Wrappers
             mmap = shared
             lock = fcntl
             nonblock = fcntl
             auth = unix
             idle = poll
             dirhash = full
             mboxlist.db = skiplist
             subs.db = flat
             seen.db = skiplist
             duplicate.db = db3-nosync
             tls.db = db3-nosync

Initially everything is fine. But it seems that over time something goes 
wrong with SSL. At first I thought it might be lack of entropy, but I don't 
believe that any longer. Here's what happens:

[root at lvr1 root]# pop3test -s -m PLAIN -a a0620 -u a0620 pop.uni-koeln.de

When I do that command, nothing happens for several minutes. I did an 
strace on the process:

[root at lvr1 root]# strace -p 9959
select(0, NULL, NULL, NULL, {0, 680000}) = 0 (Timeout)
select(0, NULL, NULL, NULL, {1, 0})     = 0 (Timeout)
.... (many more lines like that)
open("/var/lib/imap/tls_sessions.db", O_RDWR|O_CREAT|O_EXCL|O_LARGEFILE, 
0664) = -1 EEXIST (File exists)
brk(0x8097000)                          = 0x8097000
time([1047377450])                      = 1047377450
getpid()                                = 9959

>From that point onwards everything is fine, but it takes literally minutes 
to get there. Restarting master gets rid of the problem, but that's not 
really a solution ;-)

Any ideas?

Regards, Sebastian Hagedorn
--
Sebastian Hagedorn M.A. - Postmaster - RZKR-R1 (Gebäude 52), Zimmer 18
Zentrum für angewandte Informatik - Universitätsweiter Service RRZK
Universität zu Köln / Cologne University - Tel. +49-221-478-5587
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20030311/d4e2af34/attachment.bin


More information about the Info-cyrus mailing list