Sebastian Hagedorn wrote: > -- Ken Murchison <murch@xxxxxxxxxxxxxx> is rumored to have mumbled on > 16. November 2007 15:54:50 -0500 regarding Re: One more attempt: stuck > processes: > >> That's exactly what Gary is seeing. > > Right. Apparently stripped binaries aren't any good for straces. > >> Its blocking in SSL_accept(). >> Apparently the client connects to port 995, and then either sends >> nothing, or goes away and leaves the socket open. Here's a patch that seems to fix the problem. I did some basic testing (Linux only) to make sure that it doesn't break anything else, but its always possible that it has some unforseen side effects. Keep an eye on it and let me know if you see anything unusual. --- prot.c.~1.93.~ 2007-11-17 10:02:49.000000000 -0500 +++ prot.c 2007-11-17 11:21:05.000000000 -0500 @@ -58,6 +58,7 @@ #ifdef HAVE_UNISTD_H #include <unistd.h> #endif +#include <sys/time.h> #include <sys/types.h> #include <sys/stat.h> #include <netinet/in.h> @@ -214,10 +215,20 @@ */ int prot_settimeout(struct protstream *s, int timeout) { + struct timeval tv; + assert(!s->write); s->read_timeout = timeout; s->timeout_mark = time(NULL) + timeout; + + /* Set a read timeout on the socket itself. This primarily prevents + * OpenSSL calls such as SSL_accept() from blocking indefinitely. + */ + tv.tv_sec = timeout; + tv.tv_usec = 0; + setsockopt(0, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(struct timeval)); + return 0; } -- Kenneth Murchison Systems Programmer Project Cyrus Developer/Maintainer Carnegie Mellon University ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html