SSL connections dropping with large messages

Bron Gondwana brong at fastmail.fm
Fri Sep 5 06:47:15 UTC 2008


On Thu, 14 Aug 2008 15:50:02 +1000, "Bron Gondwana" <brong at fastmail.fm> said:
> We had an issue with SSL connections dropping with large messages,
> which I tracked down to being caused by the issue fixed by this
> patch:
> 
> http://codereview.appspot.com/2341
> 
> I've applied the patch to my local copy (branch brong-dev on
> http://github.com/brong/brong-djabberd/ - I rebase it frequently,
> so don't get attached to it!)
> 
> What's the status of inclusion?  Jacob, are you waiting on anything?

So - no followups on this.  I committed it to SVN, but then iscovered it was bogus.

*sigh*.

Specifically, it defined a couple more constants with magic numbers
that are just wrong:

#define SSL_ERROR_NONE                  0
#define SSL_ERROR_SSL                   1
#define SSL_ERROR_WANT_READ             2
#define SSL_ERROR_WANT_WRITE            3
#define SSL_ERROR_WANT_X509_LOOKUP      4
#define SSL_ERROR_SYSCALL               5 /* look at error stack/return value/errno */
#define SSL_ERROR_ZERO_RETURN           6
#define SSL_ERROR_WANT_CONNECT          7
#define SSL_ERROR_WANT_ACCEPT           8

so says my copy of openssl/ssl.h

The end result being - whenever an SSL connection got dropped half way through,
it returns SSL_ERROR_SYSCALL, which DJabberd interpereted as WANT_ACCEPT and
blithely looped.

I've changed the code - branch brong-dev on github.  I've put it into
production on our systems, and if all goes well I'll push it back to
SVN soon.

Bron.
-- 
  Bron Gondwana
  brong at fastmail.fm



More information about the Djabberd mailing list