Opened 18 years ago

Closed 18 years ago

#1826 closed defect (fixed)

Stunnel swat configuration very slow

Reported by: sh_forlfs@… Owned by: Randy McMurchy
Priority: normal Milestone: 6.2.0
Component: BOOK Version: SVN
Severity: normal Keywords: samba swat stunnel
Cc:

Description

Hello,

using BLFS svn-20060227

The default configuration of the stunnel samba/swat service result in a very slow access (about 30s) when using a https connection (I only test the case with firefox 1.5)in 2 case :

  • Between the login and the main swat page
  • When a documentation page is started

It seems that swat disconnect very quickly after sending data and so close the stunnel local socket but stunnel leave the remote socket alive for a long time after the event. The browser use the remote stunnel socket to send request but will never receive answer from this "connect to nothing" socket. it will only start to create a new connection (launch again swat by using inetd) when the remote socket is finnaly closed by itself (boring to wait).

I resolve the draw by setting "TIMEOUTclose = 1" (close the remote socket 1 seconde after the local one) in the swat service section of stunnel.conf It's write in the stunnel man page that by default this value is set to 0 (stunnel never close by itself the remote socket ?) because of a "buggy Microsoft IE".

Change History (4)

comment:1 by Randy McMurchy, 18 years ago

Owner: changed from blfs-book@… to Randy McMurchy

Very cool. This has bothered me for a *long* time. Thanks for the report and the fix.

comment:2 by Randy McMurchy, 18 years ago

Status: newassigned

comment:3 by Randy McMurchy, 18 years ago

Milestone: 6.16.2

comment:4 by Randy McMurchy, 18 years ago

Resolution: fixed
Status: assignedclosed

Tested the "TIMEOUTclose = 1" parameter in the stunnel.conf file accessing SWAT over SSL and it works like a charm. My testing included two installations of SWAT (Samba), and 4 different browsers on 3 different platforms.

Updated the SWAT configuration on the Samba page to reflect the change.

The change will be committed with the Samba-3.0.22 update just as soon as Belgarath's SSH problem is resolved.

Note: See TracTickets for help on using tickets.