[ejabberd] Re: S2S SSL problem: too many open files

Magnus Henoch mange at freemail.hu
Sun May 21 21:12:48 MSD 2006


Magnus Henoch <mange at freemail.hu> writes:

> =INFO REPORT==== 2006-05-10 22:48:15 ===
> I(<0.3971.17>:ejabberd_s2s_out:688): terminated: {{badmatch,
>                                                       {error,
> "SSL_CTX_use_certificate_file failed: error:02001018:system library:fopen:Too many open files"}},
>                                                   [{ejabberd_s2s_out,
>                                                        wait_for_starttls_proceed,
>                                                        2},
>                                                    {gen_fsm,handle_msg,7},
>                                                    {proc_lib,init_p,5}]}
>
> When this happens, the user that tried to send a stanza to that server
> receives a "remote server not found" error.
>
> I'm not sure which process might be keeping files open; the limit is
> set to 65536, which should be enough.  Has anyone else seen this?

Found the problem.  Under 32-bit Solaris, fopen reports "Too many open
files" whenever it gets a file descriptor with higher number than 255,
regardless of rlimit.

Would it be possible to load the certificate at server start, so
OpenSSL doesn't need to access any files?

-- 
Magnus
JID: legoscia at jabber.cd.chalmers.se



More information about the ejabberd mailing list