strange tls_start_servertls() error
Tobias Blass
tobiasblass at t-online.de
Fri Dec 28 07:52:18 EST 2012
On Fri, Nov 30, 2012 at 10:20:38AM -0600, Dan White wrote:
> On 11/30/12 16:53 +0100, Tobias Blass wrote:
> >On Fri, Nov 30, 2012 at 09:46:33AM -0600, Dan White wrote:
> >>On 11/30/12 10:45 +0100, Tobias Blass wrote:
> >>>Hi all,
> >>>I'm administrating an IMAP server for about 25 people running cyrus version 2.2.13-19+squeeze3.
> >>>Multiple times per day the following error message appears in the logs:
> >>>
> >>>imaps TLS negotiation failed: [IP address of a client]
> >>>Fatal error: tls_start_servertls() failed
> >>>process 31912 exited, status 75
> >>>service imaps pid 31912 in BUSY state: terminated abnormally
> >>>
> >>
> >>Sound like:
> >>
> >>https://bugzilla.cyrusimap.org/show_bug.cgi?id=3207
> >>
> >>There have been a few TLS fixes since 2.2.x, discussed in the 2.4.16
> >>changes file.
> >>
> >
> >Well if it was that error then increasing maxchild to 1000 should fix it,
> >shouldn't it? I don't think that I can hit the maxchild limit of 1000 with about
> >25 people. Is it possible that cyrus doesn't really reuse the already spawned
> >children and hit the limit with 970 unused child proxesses?
>
> You should use ps, or netstat, to determine if you're hitting a child
> process limit.
>
Ok I have collected some data now and found the time to analyze it (The problem
is that this message appears at irregular times and is hard to observe). When
this message appeared netstat and ps say there are ~30-40 connections/imapd
instances open, so I should not hit the child process limit.
> It's possible that you're hitting a bug where the initial connection is
> failing, the client disconnects, and the server process hangs until
> timeout.
>
Well if it really is such a bug I can just ignore this message, I guess.
More information about the Info-cyrus
mailing list