I tested the timeout using a SSL connection and a normal connection and get two different result ! The SSL was working as expected but the normal one "timeout" in a different way, it get a SIGTERM ! I will repeat the test Here is the normal one : # telnet localhost 110 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. +OK eg01.emailgency.loc Cyrus POP3 v2.3.9-openpkg server ready user alain.spineux@xxxxxxxxxxxx +OK Name is a valid mailbox pass ******** +OK Mailbox locked and ready list +OK scan listing follows 1 1779 . # I dont send anymore command for 10min and wait for the timeout ! Connection closed by foreign host. Here is the strace from the list command read(0, "list\r\n", 4096) = 6 time(NULL) = 1195253508 write(13, "<1195253508<", 12) = 12 write(13, "list\r\n", 6) = 6 open("/kolab/var/imapd/msg/shutdown", O_RDONLY) = -1 ENOENT (No such file or directory) select(1, [0], NULL, NULL, {0, 0}) = 0 (Timeout) time(NULL) = 1195253508 write(13, ">1195253508>", 12) = 12 write(13, "+OK scan listing follows\r\n1 1779"..., 37) = 37 write(1, "+OK scan listing follows\r\n1 1779"..., 37) = 37 time(NULL) = 1195253508 select(1, [0], NULL, NULL, {600, 0} ) = ? ERESTARTNOHAND (To be restarted) # # HERE IT IS WAITING FOR 10min AS EXPECTED --- SIGTERM (Terminated) @ 0 (0) --- Process 5720 detached I dont understand why it got a SIGTERM ! And the file $cyrus_home/proc/5720 was not unlinked ! This is maybe why I have lot of them in the proc dir ! Here is the SSL one # openssl s_client -connect localhost:995 -----8<--- all the SSL stuff ----->8--- +OK eg01.emailgency.loc Cyrus POP3 v2.3.9-openpkg server ready user alain.spineux@xxxxxxxxxxxx +OK Name is a valid mailbox pass ***** +OK Mailbox locked and ready list +OK scan listing follows 1 1779 . read:errno=0 and the strace from the list command read(0, "\27\3\1\0 ", 5) = 5 read(0, "g(\206\27\352\365r\20H\332\1\35Q~\314\200Pi\f\245,#\270"..., 32) = 32 read(0, "\27\3\1\0 ", 5) = 5 read(0, "\341\307\253OCBT8\305m\264\221\360\277\377N\245\3512\1"..., 32) = 32 time(NULL) = 1195254519 write(14, "<1195254519<", 12) = 12 write(14, "list\n", 5) = 5 open("/kolab/var/imapd/msg/shutdown", O_RDONLY) = -1 ENOENT (No such file or directory) select(1, [0], NULL, NULL, {0, 0}) = 0 (Timeout) time(NULL) = 1195254519 write(14, ">1195254519>", 12) = 12 write(14, "+OK scan listing follows\r\n1 1779"..., 37) = 37 write(1, "\27\3\1\0@\374j\255/\25\325\331\356(\320\23Z\333E\333\310"..., 69) = 69 time(NULL) = 1195254519 select(1, [0], NULL, NULL, {600, 0} # # Here select waited for 10min # ) = 0 (Timeout) time(NULL) = 1195255119 close(9) = 0 munmap(0xe86000, 4096) = 0 unlink("/kolab/var/imapd/proc/13469") = 0 close(11) = 0 munmap(0xf58000, 302) = 0 close(12) = 0 munmap(0xf61000, 16384) = 0 close(13) = 0 munmap(0x223000, 16384) = 0 close(7) = 0 close(10) = 0 munmap(0xccf000, 40960) = 0 munmap(0x113000, 1081344) = 0 munmap(0x8bb000, 360448) = 0 munmap(0x59d000, 2629632) = 0 munmap(0xcf3000, 98304) = 0 munmap(0x887000, 24576) = 0 exit_group(0) = ? Process 13469 detached This look like more normal and the proc/13469 was removed ! Regards On Nov 16, 2007 11:17 PM, Sebastian Hagedorn <Hagedorn@xxxxxxxxxxxx> wrote: > -- Ken Murchison <murch@xxxxxxxxxxxxxx> is rumored to have mumbled on 16. > November 2007 16:55:27 -0500 regarding RE: Bingo!: > > > It looks like it timed out properly, correct? > > Exactly. So the non-SSL code path is not affected, but SSL gets stuck. The > manpage for SSL_read says: > > "If the underlying BIO is blocking, SSL_read() will only return, once > the read operation has been finished or an error occurred, except > when > a renegotiation take place, in which case a SSL_ERROR_WANT_READ may > occur. This behaviour can be controlled with the SSL_MODE_AUTO_RETRY > flag of the SSL_CTX_set_mode(3) call. > > If the underlying BIO is non-blocking, SSL_read() will also return > when > the underlying BIO could not satisfy the needs of SSL_read() to con- > tinue the operation. In this case a call to SSL_get_error(3) with the > return value of SSL_read() will yield SSL_ERROR_WANT_READ or > SSL_ERROR_WANT_WRITE. As at any time a re-negotiation is possible, a > call to SSL_read() can also cause write operations! The calling > process > then must repeat the call after taking appropriate action to satisfy > the needs of SSL_read(). The action depends on the underlying BIO. > When > using a non-blocking socket, nothing is to be done, but select() can > be > used to check for the required condition. When using a buffering BIO, > like a BIO pair, data must be written into or retrieved out of the > BIO > before being able to continue." > > I haven't yet found what BIO stands for According to Wikipedia it's "an > abstraction library used by OpenSSL to handle communication of various > kinds, including files and sockets, both secure and not". > > I'm not sure what to make of that. I would assume that we've got a blocking > BIO, because it is - d'oh - blocking. But I don't see how you influence > what kind of BIO you use. > -- > Sebastian Hagedorn - Postmaster - RZKR-R1 (Flachbau), Zimmer 18 > > Zentrum für angewandte Informatik - Universitätsweiter Service RRZK > Universität zu Köln / Cologne University - Tel. +49-221-478-5587 > ---- > Cyrus Home Page: http://cyrusimap.web.cmu.edu/ > Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > -- Alain Spineux aspineux gmail com May the sources be with you ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html