Jeffrey Walton wrote:
> On Tue, Mar 10, 2020 at 6:57 AM Frank Wille
> wrote:
>> But is it normal to create more than 200 crypto file descriptors for
>> each httpd process? Then I would have to recompile PHP with a larger
>> FD_SETSIZE, as it seems?
>
> If it is OpenSSL and /dev/crypto handles,
noloa...@gmail.com (Jeffrey Walton) writes:
>sideways. OpenSSL is supposed to open the device once and share it
>internally. From the head notes of engines/e_devcrypto.c:
>$ cat engines/e_devcrypto.c
>...
>/*
> * ONE global file descriptor for all sessions. This allows operations
> * such as
On Tue, Mar 10, 2020 at 6:57 AM Frank Wille wrote:
>
> Michael van Elst wrote:
>
> >> frank%phoenix.owl.de@localhost (Frank Wille) writes:
> >> [...]
> >> Were do they come from? Is that some kind of leak? What can I do (besides
> >> restarting Apache or the whole server)?
> >
> > Something is
fr...@phoenix.owl.de (Frank Wille) writes:
>Michael van Elst wrote:
>> I think the only option you have now is to prevent access to /dev/crypto.
>Confirmed! I renamed /dev/crypto and all the 200+ file desciptors per
>apache process are gone. Horde also feels snappier again and the PHP
>warning
Michael van Elst wrote:
> I think the only option you have now is to prevent access to /dev/crypto.
Confirmed! I renamed /dev/crypto and all the 200+ file desciptors per
apache process are gone. Horde also feels snappier again and the PHP
warning about FD_SETSIZE disappeared as well.
Thanks.
On 10/03/2020 10:57, Frank Wille wrote:
Michael van Elst wrote:
But is it normal to create more than 200 crypto file descriptors for each
httpd process? Then I would have to recompile PHP with a larger FD_SETSIZE,
as it seems?
That seems excessive. My admittedly lightly loaded SSL server
msporle...@gmail.com (matthew sporleder) writes:
>https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcryptodevice
> could potentially override the use of that engine (if I'm
>understanding things correctly).
I think that's about using the cryptodev engine. If it were dynamically
loaded it
On Tue, Mar 10, 2020 at 10:59 AM Michael van Elst wrote:
>
> fr...@phoenix.owl.de (Frank Wille) writes:
>
> >> Something is using /dev/crypto. openssl would do that, but only if
> >> you configure it.
>
> >Yes, our web-server is also listening on port 443 for several virtual hosts,
> >so SSL is
fr...@phoenix.owl.de (Frank Wille) writes:
>> Something is using /dev/crypto. openssl would do that, but only if
>> you configure it.
>Yes, our web-server is also listening on port 443 for several virtual hosts,
>so SSL is configured.
It's not just SSL. openssl has its own crypto routines and
Michael van Elst wrote:
>> frank%phoenix.owl.de@localhost (Frank Wille) writes:
>> [...]
>> Were do they come from? Is that some kind of leak? What can I do (besides
>> restarting Apache or the whole server)?
>
> Something is using /dev/crypto. openssl would do that, but only if
> you configure
fr...@phoenix.owl.de (Frank Wille) writes:
>apache httpd 5661 229* crypto 0xfe83c27af9d8
>apache httpd 5661 230* crypto 0xfe83c27af930
>apache httpd 5661 231* crypto 0xfe83c27af888
>[...]
>Were do they come from? Is that some kind of leak? What can I do
Hi,
I am running "Horde webmail" with Apache 2.4.33 and PHP5.6 (both from
pkgsrc) on a NetBSD 8.1 server, which usually works pretty well, although a
little bit slow when dealing with bigger mails.
Today it became extremely slow. It requires nearly 60 seconds just to log
in. And any small action
12 matches
Mail list logo
