Erlang/OTP Forums

Yaws mailing list ~ limitations of SSL in Yaws ??

Ke Han
Posted: Mon Aug 28, 2006 10:34 am
I'm about to develop a yaws app which will serve most of its pages
as HTTPS. Pretty much everything except the home page.
I would like to know any concerns/limitations of the underlying SSL
used by Yaws.
I have seen old erlang mailing list posts such as:
http://erlang.org/ml-archive/erlang-questions/200311/msg00252.html

This post seems to indicate the issue is needing to tune erlang to
handle a large number of sockets.
Anything else I should know about for handling large numbers of HTTPS
requests?

thanks, ke han

_______________________________________________
Erlyaws-list mailing list
Erlyaws-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/erlyaws-list
Guest
Posted: Mon Aug 28, 2006 12:20 pm
ke han wrote:
> I'm about to develop a yaws app which will serve most of its pages
> as HTTPS. Pretty much everything except the home page.
> I would like to know any concerns/limitations of the underlying SSL
> used by Yaws.
> I have seen old erlang mailing list posts such as:
> http://erlang.org/ml-archive/erlang-questions/200311/msg00252.html
>
> This post seems to indicate the issue is needing to tune erlang to
> handle a large number of sockets.
> Anything else I should know about for handling large numbers of HTTPS
> requests?
>

The OTP SSL implementation isn't the best in town. It's ok,
but it has had a number of obscure bugs over the years.
We've built several high traffic SSL sites with yaws + ssl
and also submitted a number of small but crucial ssl bugfixes
to the otp group.

As it stands now, all should be ok.

As for that old post that had FD_SETSIZE set to 256, it
doesn't sound really up to date. Also, looking at the code
in esock_poll.c it seems as if OTP ssl now uses poll() instead
of select(), so the number of SSL sockets should really be
limited by the max number of open fds for that unix process, which
is tunable to a very high number in most modern unices.


/klacke



--
Claes Wikstrom -- Caps lock is nowhere and
http://www.tail-f.com -- everything is under control
cellphone: +46 70 2097763

Ke Han
Posted: Tue Aug 29, 2006 4:14 am
thanks Claes...
that's just the kind of confident response I was hoping for ;)

BTW, I listened to your BSD radio interview...glad to hear yaws
getting the word out to the masses. If you can call the BSD
community massive...all is relative when you're sitting on an erlang
rock. ;)
The most important thing I learned from the audiocast is that Claes
is not pronounced "Claws". I doubt I can yet pronounce your name
correctly, but I do know that "Claws" isn't correct ;)
thanks again, ke han


On Aug 28, 2006, at 8:20 PM, Claes Wikström wrote:
Guest
Posted: Tue Aug 29, 2006 6:02 am
There is an SSL issue I have discovered. The Erlang/OTP http parser can
only handle HTTP headers of at most 1024 characters per line. This
becomes an issue when a client is passing in large cookies.

The reason is that the Erlang/OTP R10 http parser uses a default 1024
byte buffer for parsing lines (OTP R11 has a larger default buffer
size, about 1400 bytes).

This only affects https and not http, since yaws sets a larger buffer
size for unencrypted TCP connections. Unfortunately though, the SSL
interface does not allow the buffer size to be set or changed. :(

If you think this may be a problem, here is one fix:

In the Erlang/OTP source directory, edit the file:
./erts/emulator/drivers/common/inet_drv.c
Change
#define INET_DEF_BUFFER 1024 /* default buffer size */
To:
#define INET_DEF_BUFFER (1024*8) /* default buffer size */

Then recompile Erlang/OTP and re-install.

Matt Reilly
SIPphone Inc.




ke han wrote:
> thanks Claes...
> that's just the kind of confident response I was hoping for ;)
>
> BTW, I listened to your BSD radio interview...glad to hear yaws
> getting the word out to the masses. If you can call the BSD
> community massive...all is relative when you're sitting on an erlang
> rock. ;)
> The most important thing I learned from the audiocast is that Claes
> is not pronounced "Claws". I doubt I can yet pronounce your name
> correctly, but I do know that "Claws" isn't correct ;)
> thanks again, ke han
>
>
> On Aug 28, 2006, at 8:20 PM, Claes Wikström wrote:
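The per-line header buffer limit Matt describes above, modelled as an added example (this is not code from the thread, from Yaws or from OTP). The three buffer sizes are the ones named in the post (1024 for R10, "about 1400" for R11, 1024*8 for the patched driver); the request with an oversized Cookie header is constructed test data; and because the thread does not say exactly how the driver counts a line, this model treats a line as too long when its bytes excluding the CRLF exceed the buffer, which is an assumption. The point it shows is that the limit is per header line, so one fat Cookie header fails where many small headers adding up to the same total would pass:

```python
"""Model of a fixed-size per-line HTTP header buffer (added example).

Reproduces the failure mode from the thread: a header line longer than the
inet driver's line buffer cannot be parsed, so a large Cookie breaks HTTPS
requests on the default-configured OTP ssl socket.
"""

# Buffer sizes taken from the post: R10 default, R11 default, patched value.
BUFFERS = {
    "R10 default": 1024,
    "R11 default": 1400,          # "about 1400 bytes" per the post
    "patched (1024*8)": 1024 * 8,  # what the suggested INET_DEF_BUFFER edit gives
}


class HeaderLineTooLong(Exception):
    """Raised when a header line would not fit in the modelled line buffer."""


def parse_request(raw: bytes, buffer_size: int) -> dict:
    """Parse the request line and headers of `raw`.

    Every line is checked against `buffer_size` first, mimicking a parser that
    reads one line at a time out of a fixed buffer.  The comparison leaves out
    the CRLF terminator; whether the real driver counts it is an assumption.
    """
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("request has no end-of-headers marker")
    lines = head.split(b"\r\n")
    for line in lines:
        if len(line) > buffer_size:
            raise HeaderLineTooLong(
                f"{len(line)}-byte line exceeds {buffer_size}-byte buffer: "
                f"{line[:32]!r}..."
            )
    method, target, version = lines[0].split(b" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode()
    return {"method": method.decode(), "target": target.decode(),
            "version": version.decode(), "headers": headers}


def build_request(cookie_bytes: int) -> bytes:
    """Constructed GET request carrying one Cookie header of `cookie_bytes`."""
    cookie = b"session=" + b"A" * (cookie_bytes - len(b"session="))
    return (b"GET /account HTTP/1.1\r\n"
            b"Host: example.invalid\r\n"
            b"Cookie: " + cookie + b"\r\n"
            b"\r\n")


def longest_header_line(raw: bytes) -> int:
    """Length in bytes (without CRLF) of the longest line in the header block."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    return max(len(line) for line in head.split(b"\r\n"))


def check_against_buffers(raw: bytes) -> dict:
    """Map each buffer label to True if the request parses, False if a line is too long."""
    outcome = {}
    for label, size in BUFFERS.items():
        try:
            parse_request(raw, size)
            outcome[label] = True
        except HeaderLineTooLong:
            outcome[label] = False
    return outcome


if __name__ == "__main__":
    for cookie_size in (500, 1200, 4000, 9000):
        req = build_request(cookie_size)
        print(f"cookie={cookie_size:5d}  longest line={longest_header_line(req):5d}  "
              f"{check_against_buffers(req)}")
```

Run it as is and the 1200-byte cookie is the interesting row: it fails on the R10 default but passes on R11, which matches what the post says about moving from one release to the other; a 4000-byte cookie only passes with the patched buffer, and anything above 8192 bytes fails even then. To check a real deployment, feed `longest_header_line()` a request captured from your own clients instead of the constructed one.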
Ke Han
Posted: Tue Aug 29, 2006 6:44 am
thanks for the info..hopefully, I can keep my cookies small ;)
If not, I'll keep your fix tagged so I can use it if necessary.
ke han


On Aug 29, 2006, at 2:01 PM, Matthew Reilly wrote:

> There is an SSL issue I have discovered. The Erlang/OTP http parser can
> only handle HTTP headers of at most 1024 characters per line. This
> becomes an issue when a client is passing in large cookies.
>
> The reason is that the Erlang/OTP R10 http parser uses a default 1024
> byte buffer for parsing lines (OTP R11 has a larger default buffer
> size, about 1400 bytes).
>
> This only affects https and not http, since yaws sets a larger buffer
> size for unencrypted TCP connections. Unfortunately though, the SSL
> interface does not allow the buffer size to be set or changed. :(
>
> If you think this may be a problem, here is one fix:
>
> In the Erlang/OTP source directory, edit the file:
> ./erts/emulator/drivers/common/inet_drv.c
> Change
> #define INET_DEF_BUFFER 1024 /* default buffer size */
> To:
> #define INET_DEF_BUFFER (1024*8) /* default buffer
> size */
>
> Then recompile Erlang/OTP and re-install.
>
> Matt Reilly
> SIPphone Inc.
>
>
>
>
> ke han wrote:
>> thanks Claes...
>> that's just the kind of confident response I was hoping for ;)
>>
>> BTW, I listened to your BSD radio interview...glad to hear yaws
>> getting the word out to the masses. If you can call the BSD
>> community massive...all is relative when you're sitting on an erlang
>> rock. ;)
>> The most important thing I learned from the audiocast is that Claes
>> is not pronounced "Claws". I doubt I can yet pronounce your name
>> correctly, but I do know that "Claws" isn't correct ;)
>> thanks again, ke han
>>
>>
>> On Aug 28, 2006, at 8:20 PM, Claes Wikström wrote:
tobbe
Posted: Tue Aug 29, 2006 7:02 am
ke han wrote:
> thanks Claes...
> that's just the kind of confident response I was hoping for ;)
>
> BTW, I listened to your BSD radio interview...glad to hear yaws
> getting the word out to the masses. If you can call the BSD
> community massive...all is relative when you're sitting on an erlang
> rock. ;)
> The most important thing I learned from the audiocast is that Claes
> is not pronounced "Claws". I doubt I can yet pronounce your name
> correctly, but I do know that "Claws" isn't correct ;)
> thanks again, ke han

He he, that was funny :)

"Claws the maker of Yaws!"

--Tobbe


>
>
> On Aug 28, 2006, at 8:20 PM, Claes Wikström wrote:
