On Tue, Sep 24, 2002 at 12:01:07PM -0700, Marion Hakanson wrote: > Folks, > > I didn't find this issue discussed in this list's archives, so here goes....
Not at this lists archives (imap protocol, not imap server/client list) > I've recently been made aware of a problem with SSL connection startup > interacting with some TCP stacks' implementations of the Nagle algorithm, > which is used to coalesce what would be lots of tiny (1-character or so) > packets into larger packets, and the stacks' delayed-ACK schemes. I'm no > expert, but here are some references that discuss the issue in detail: Lately I have been playing a lot with OpenSSL library interacting with remote systems via non-blocking sockets (the only way to get even semi-reliable timeouting..), and it is rather complicated API to get fully functioning in all situations. ... > All this reading has led me to look for a way to set TCP_NODELAY for > secure IMAP sessions, since some of our users think this Nagle thing > might be affecting our secure IMAP connections. NAGLE does not kill the connectivity completely, however small mistakes at SSL API usage might do that. NAGLE might give you slow performance in some situations, of course. > In particular, I'm wondering if the Eudora SSL failures described in > the UW IMAP FAQ item 7.41 could be related to this issue: > > 7.41 Why can't I connect via SSL to Eudora? It says the connection has > been broken, and in the server syslogs I see "Command stream end of file". > > I don't know. However, there is a report that you can fix the problem by > going into Eudora's advanced network configuration menu and increasing > the network buffer size to 8192. > > Since we use the UW-IMAP server here, I looked at the code and found no > socket options being tweaked at all, let alone the Nagle setting. Has > there simply been no need? There should not be. > Regards, > -- > Marion Hakanson <[EMAIL PROTECTED]> > CSE Computing Facilities -- /Matti Aarnio <[EMAIL PROTECTED]>
