Stunnel swat configuration very slow
|Reported by:||Owned by:||Randy McMurchy|
|Severity:||normal||Keywords:||samba swat stunnel|
using BLFS svn-20060227
The default configuration of the stunnel samba/swat service result in a very slow access (about 30s) when using a https connection (I only test the case with firefox 1.5)in 2 case :
- Between the login and the main swat page
- When a documentation page is started
It seems that swat disconnect very quickly after sending data and so close the stunnel local socket but stunnel leave the remote socket alive for a long time after the event. The browser use the remote stunnel socket to send request but will never receive answer from this "connect to nothing" socket. it will only start to create a new connection (launch again swat by using inetd) when the remote socket is finnaly closed by itself (boring to wait).
I resolve the draw by setting "TIMEOUTclose = 1" (close the remote socket 1 seconde after the local one) in the swat service section of stunnel.conf It's write in the stunnel man page that by default this value is set to 0 (stunnel never close by itself the remote socket ?) because of a "buggy Microsoft IE".