Participants
Maciek Sakrejda
Maciek Sakrejda
Heikki Linnakangas
Heikki Linnakangas
Attachments

No attachments in this thread

Thread Outline
#1Maciek SakrejdaMaciek Sakrejda
Jan 25, 2015
#2Heikki LinnakangasHeikki Linnakangasto Maciek Sakrejda (#1)
Jan 26, 2015
#3Maciek SakrejdaMaciek Sakrejdato Heikki Linnakangas (#2)
Jan 26, 2015

Re: Client deadlocks when connecting via ssl

Started by Maciek Sakrejdaalmost 11 years ago3 messages
#1Maciek Sakrejda
Maciek Sakrejda
maciek@heroku.com

Hello,

I wanted to follow up on a bug report [1]/messages/by-id/5436991B.5020708@vmware.com from October. In a reply, Heikki
conceded that there does seem to be an issue with how Postgres interacts
with OpenSSL, but the nature of the API makes it difficult to fix.

I'm with Heroku Postgres, and though the issue is not Heroku-specific, it
does seem to affect a lot of our customers, especially ones using the
Python Gunicorn web server. One particular account of this is written up in
a blog post [2]http://blog.maestropublishing.com/2015/01/16/gunicorn-dyno-death-spiral-on-heroku-part-ii/. It's a frustrating issue that's rather hard to diagnose.

Is there anything we can do to help resolve this? Are there any recommended
workarounds?

Thanks,
Maciek

[1]: /messages/by-id/5436991B.5020708@vmware.com
[2]: http://blog.maestropublishing.com/2015/01/16/gunicorn-dyno-death-spiral-on-heroku-part-ii/
http://blog.maestropublishing.com/2015/01/16/gunicorn-dyno-death-spiral-on-heroku-part-ii/

#2Heikki Linnakangas
Heikki Linnakangas
hlinnakangas@vmware.com
In reply to: Maciek Sakrejda (#1)

On 01/25/2015 10:33 PM, Maciek Sakrejda wrote:

Hello,

I wanted to follow up on a bug report [1] from October. In a reply, Heikki
conceded that there does seem to be an issue with how Postgres interacts
with OpenSSL, but the nature of the API makes it difficult to fix.

I'm with Heroku Postgres, and though the issue is not Heroku-specific, it
does seem to affect a lot of our customers, especially ones using the
Python Gunicorn web server. One particular account of this is written up in
a blog post [2]. It's a frustrating issue that's rather hard to diagnose.

Is there anything we can do to help resolve this? Are there any recommended
workarounds?

I couldn't come up with any good solutions. I would suggest speaking to
the OpenSSL folk. They must be aware of the issue, so what do they
recommend, do they have any plans to fix it, and if there's anything you
can do to help them.

- Heikki

--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

#3Maciek Sakrejda
Maciek Sakrejda
maciek@heroku.com
In reply to: Heikki Linnakangas (#2)

On Sun, Jan 25, 2015 at 11:13 PM, Heikki Linnakangas <
hlinnakangas@vmware.com> wrote:

I couldn't come up with any good solutions. I would suggest speaking to
the OpenSSL folk. They must be aware of the issue, so what do they
recommend, do they have any plans to fix it, and if there's anything you
can do to help them.

Thanks. We'll give that a shot.

← Back to Topics