1

I've been running on this issue for a few days. I haven't made configuration changes, apart from the usual system/security updates.

Server runs on Debian Wheezy
PHP 5.4.41-1~dotdeb+7.1
Nginx 1.8.0-1~dotdeb+7.1

I'm running a PHP/Postgresql app.

Nginx uses php-fpm in a chrooted environment.

It took me some time to isolate the cause of a 504 bad gateway error that my users started to get last week.

The log for php-fpm shows that kind of errors :

2015/05/28 15:19:32 [error] 6393#6393: *792 upstream timed out (110: Connection timed out) while reading response header from upstream, client: 90.50.31.149, server: www.myhost.com, request: "POST /myapp/?page=account&password HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.mypool.sock", host: "www.myhost.com", referrer: "https://www.myhost.com/myapp/?page=account&password"

After a bit of googling, I raised the capacity of php-fpm :

pm.max_children = 70
pm.start_servers = 20
pm.min_spare_servers = 20
pm.max_spare_servers = 35
pm.max_requests = 500

(The hardware can handle it)

And I also added the directive for nginx :

fastcgi_read_timeout 120;

I have the slowlog on, and this error seems linked to the server not responding:

[28-May-2015 15:17:35]  [pool mypool] pid 6970
script_filename = htdocs//app/index.php
[0x00007f509caa9de8] fgets() /usr/share/php/Net/Socket.php:486
[0x00007f509caa9740] readLine() /usr/share/php/Net/SMTP.php:335
[0x00007f509caa9568] _parseResponse() /usr/share/php/Net/SMTP.php:1278
[0x00007f509caa8d20] rset() /usr/share/php/Mail/smtp.php:381
[0x00007f509caa7d18] getSMTPObject() /usr/share/php/Mail/smtp.php:248
[0x00007f509caa7478] send() /htdocs/app/lib/mail.func.php:86
[0x00007f509caa7180] msg() /htdocs/app/lib/account.func.php:421
[0x00007f509caa69b0] sendToken() /htdocs/app/lib/account.func.php:386
[0x00007f509caa5fe8] newToken() /htdocs/app/lib/account.func.php:425
[0x00007f509caa4ce0] +++ dump failed

It seems the error is occurring within PEAR's internal soup.

There is a copy of /usr/share/php in the chrooted environment for nginx and php-fpm to access and I made sure the copy is up to date.

My app relies on PEAR::Mail to send formated e-mails, like when a user needs to recover his password. My users being short-minded, they need to recover it often and crash the server every time. I set a cron job to restart the server regularly, but this is short term : I need the mail function to work properly as it used to.

Has anyone got an idea as to what I should/could do ?

EDIT - After some playing around, it seems to be a matter of correctly resolving the smtp server's address, that might be related to nginx and php-fpm being chrooted, as I managed to get it to work in a "normal" environment (not chrooted).

I can dig and nslookup from the server.

In php.ini, I made sure :

allow_url_fopen on
allow_url_include on

(though the latter doesn't look really necessary in my case)

I also made sure that php has openssl and sockets enabled.

I even added a resolver directive in my nginx.conf and copied /etc/hosts (with an entry for my mail server) in the chrooted tree.

Now when I change the host in my smtp settings, I get different error messages :

  • host = mail.server.net
    the server hangs and I get a 504
  • host = ip
    the server hangs and I get a 504
  • host = ssl://mail.server.net
    Failed to connect to ssl://mail.server.net:465 [SMTP: Failed to connect socket: fsockopen(): unable to connect to ssl://mail.server.net:465 (Unknown error) (code: -1, response: )]
  • host = https://mail.server.net
    Failed to connect to https://ns0.ovh.net:465 [SMTP: Failed to connect socket: fsockopen(): unable to connect to https://ns0.ovh.net:465 (Unable to find the socket transport "https" - did you forget to enable it when you configured PHP?) (code: -1, response: )]

phpinfo() shows
Registered PHP Streams : https, ftps, compress.zlib, compress.bzip2, php, file, glob, data, http, ftp, zip, phar
Registered Stream Socket Transports : tcp, udp, unix, udg, ssl, sslv3, tls

I see I don't have the socket transport "https" : how can I enable it ?

Manumie
  • 41
  • 1
  • 5

1 Answers1

0

What I deduce from your stack trace is:

  • Your web app is contacting an external SMTP server to deliver some mail.
  • The PEAR library sent an RSET command to the SMTP server.
  • The SMTP server did not send a response to the command; it just hung.

The big problem I see here is that you only send an RSET command to a mail server if it has already rejected a message you proposed to send. I suspect the mail server, after rejecting the email, simply firewalled you or otherwise ignored you.

Your next step is to contact the mail server administrator.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
  • Right, the smtp server I'm sending to is keeping me out. I tested my code on another machine (running Apache) and I got a return from PEAR : `SMTP: Failed to connect socket: Connection timed out (code: -1, response: )]` ; Apache didn't hang So I have a SMTP problem (I'm gonna play with the parameters) and a server (nginx or php-fpm) config problem : the SMTP issue shouldn't put the server in such trouble – Manumie May 28 '15 at 16:35
  • The SMTP config was aloof, I managed to get a mail sent on my test config under Apache. Now with nginx, the server doesn't crash anymore. I get some error message `SMTP: Failed to connect socket: fsockopen(): unable to connect to ssl://mail.server.net:465 (php_network_getaddresses: getaddrinfo failed: Name or service not known`; looks more like a DNS problem now - still doesn't explain why the server would crash with the previous SMTP parameters – Manumie May 28 '15 at 17:08
  • Your answer put me on the trail but it doesn't solve my problem, so I can't mark it as the answer. And I don't have enough XP to +1 you, but I would ! I updated my question so it shows the little progress I made. – Manumie May 28 '15 at 18:49