thanks for the info..hopefully, I can keep my cookies small ;-)
If not, I'll keep your fix tagged so I can use it if necessary.
On Aug 29, 2006, at 2:01 PM, Matthew Reilly wrote:
> There is a SSL issue I have discovered. The Erlang/OTP http parser can
> only handle HTTP headers of at most 1024 characters per line. This
> becomes an issue when there a client is passing in large cookies.
> The reason is that the Erlang/OTP R10 http parser uses a default 1024
> byte buffer for parsing lines (OTP R11 has a it larger default buffer
> size about 1400 bytes).
> This only affects https and not http, since yaws sets a larger buffer
> size for unencrypted TCP connections. Unfortunately though, the SSL
> interface does not allow the buffer size to be set or changed. :(
> If you think this may be a problem, here is one fix:
> In the Erlang/OTP source directory, edit the file:
> #define INET_DEF_BUFFER 1024 /* default buffer size */
> #define INET_DEF_BUFFER (1024*8) /* default buffer =20
> size */
> Then recompile Erlang/OTP and re-install.
> Matt Reilly
> SIPphone Inc.
> ke han wrote:
>> thanks Claes...
>> thats just the kind of confident response I was hoping for ;-)..
>> BTW, I listened to your BSD radio interview...glad to hear yaws
>> getting the word out to the masses. If you can call the BSD
>> community massive...all is relative when your sitting on an erlang
>> rock. ;-)
>> The most important thing I learned from the audiocast is that Claes
>> is not pronounced "Claws". I doubt I can yet pronounce your name
>> correctly, but I do know that "Claws" isn't correct ;-)
>> thanks again, ke han
>> On Aug 28, 2006, at 8:20 PM, Claes Wikstr=F6m wrote:
>>> ke han wrote:
>>>> I'm about to develop a yaws app which will serve most of its pages
>>>> as as HTTPS. Pretty much everything expect the home page.
>>>> I would like to know any concerns/limitations of the underlying
>>>> SSL used by Yaws.
>>>> I have seen old erlang maillist posts such as:
>>>> This post seem to indicate the issue is needing to tune erlang to
>>>> handle a large number of sockets.
>>>> Anything else I should know about for handling large numbers of
>>>> HTTPS requests?
>>> The OTP SSL implementation isn't the best in town. It's ok
>>> but it has had a number of obscure bugs over the years.
>>> we've built several high traffic SSL sites with yaws + ssl
>>> and also submitted a number of small but crucial ssl bugfixes
>>> to the otp group.
>>> As it stands now, all should be ok.
>>> As for that old post that had FD_SETSIZE set to 256, it
>>> doesn't sound really up to date. Also, looking at the code
>>> in esock_poll.c it seems as if OTP ssl now use poll instead
>>> of select() so, the number of SSL sockets should really be
>>> limited by the max num open fds for that unix process which
>>> is tunable to very high number in most modern unices.
>>> Claes Wikstrom -- Caps lock is nowhere and
>>> http://www.tail-f.com -- everything is under control
>>> cellphone: +46 70 2097763
>> Using Tomcat but need to do more? Need to support web services, =20
>> Get stuff done quickly with pre-integrated technology to make your =20=
>> job easier
>> Download IBM WebSphere Application Server v.1.0.1 based on Apache =20
>> Erlyaws-list mailing list
> Using Tomcat but need to do more? Need to support web services, =20
> Get stuff done quickly with pre-integrated technology to make your =20
> job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache =20
> Erlyaws-list mailing list