search

bggo / Zmbkpose

The zmbkpose tool is a shell script that does hot backup and hot restore of ZCS Opensource accounts, GPL(OPENSOURCE). It can run from any host in the net, which means that it can be set on a backup server already existent.
http://wiki.zimbra.com/wiki/HOT_Backup_and_HOT_Restore
GNU General Public License v3.0
79 stars 56 forks source link

curl: (35) SSL connect error #52

Closed monaengine closed 10 years ago

monaengine commented 10 years ago

Hello,

with the latest version of the program, rewrite_proposal_v2.0 after issue #51 , appears the error in object.

My environment has installed the following programs: Zimbra 8.0.6 libcurl-7.19.7-37.el6_4.x86_64 curl-7.19.7-37.el6_4.x86_64 openssl-1.0.1e-16.el6_5.7.x86_64

Operating System: CentOS release 6.5 (Final)

During backups, both full and incremental, the error appears. Never occurs during the backup of the same user, but it happens randomly.

Here the log backup of this night:

[root@mail backup]# tail backup_INC_20140624.log 2014-06-24 02:02:22 DEBUG: user1@domain1 - generated tar file /mnt/backup/user1@domain1/20140624020222:INC.tar 2014-06-24 02:02:22 DEBUG: user1@domain1 - backup size is 0 2014-06-24 02:02:22 DEBUG: user1@domain1 - END in 0secs, 2014-06-24 02:02:22 DEBUG: user2@domain2 - Last backup from 20/06/2014 02:00:38 ... 2014-06-24 02:02:22 DEBUG: user2@domain2 - START INC backup ... 2014-06-24 02:02:22 DEBUG: user2@domain2 - Doing ldap backup ... 2014-06-24 02:02:22 DEBUG: user2@domain2 - ldap backup complete 2014-06-24 02:02:22 DEBUG: user2@domain2 - Doing mailbox backup ... 2014-06-24 02:02:22 DEBUG: user2@domain2 - Doing mailbox backup ... curl: (35) SSL connect error [root@mail backup]#

When the error appears in the script exits and missing user are not saved.

In the zmbkpose.conf I disabled the parallel backups.

Launch the script command as follows:

su - zimbra-c "/usr/local/bin/zmbkpose -i" >> $ LOG 2> & 1

or

su - zimbra-c "/usr/local/bin/zmbkpose -f" >> $ LOG 2> & 1

liandros commented 10 years ago

There is a sporadic curl error in SSL negotiation. it was treated in issue #35 on commit da86ece2353d975de2a785bd600a5480101cf2ec from Sep 18, 2013.

I think there is not much you can do about this problem of ssl and curl, however in the above commit, was modified, then curl make 4 attempts before finally fail. In each attempt you can see a log saying: "Retry $i to https://$mailhost:7071 by SSL error" I can not see this in your logs. Could tell me if /usr/local/bin/zmbkpose in zimbra_mailbox_backup() function, line 307, has the follow lines that perform several attempts? :
''' function zimbra_mailbox_backup() { local mailbox="$1" local mailhost="$2" local search_query="$3" local backup_file=$4

    [ -n "$search_query" ] && search_query="&$search_query"

    #Because sporadic ssl error, we will try several times. See issues 35.
    for i in 1 2 3 4;do
            if ! $CURL_cmd $CURL_args -u $ADMINUSER:$ADMINPASS -o "$backup_file" \
                    "https://$mailhost:7071/home/$mailbox/?fmt=tgz$search_query" ;then
                    case $? in
                            35) debug "Retry $i to https://$mailhost:7071 by SSL error";continue ;;
                            *) return 1;; #Another errors
                    esac
            fi
            return 0
    done

'''

monaengine commented 10 years ago

The function seems to correctly implemented, but when encounters an curl error the script exit

function zimbra_mailbox_backup() { local mailbox="$1" local mailhost="$2" local search_query="$3" local backup_file=$4

    [ -n "$search_query" ] && search_query="&$search_query"

    #Because sporadic ssl error, we will try several times. See issues 35.
    for i in 1 2 3 4;do
            if ! $CURL_cmd $CURL_args -u $ADMINUSER:$ADMINPASS -o "$backup_file" \
                    "https://$mailhost:7071/home/$mailbox/?fmt=tgz$search_query" ;then
                    case $? in 
                            35) debug "Retry $i to https://$mailhost:7071 by SSL error";continue ;; 
                            *) return 1;; #Another errors
                    esac
            fi
            return 0
    done
    return 1

}

liandros commented 10 years ago

Sorry, it is a bug. I changed a bit the code, generating the issue52 branch. You can download and replace file zmbkpose with the modified version. Get it of the main page https://github.com/bggo/Zmbkpose , selecting branch issue52, or from https://raw.githubusercontent.com/bggo/Zmbkpose/issue52/src/zmbkpose Please, tell me if it worked.

Now the function code is : '''

function zimbra_mailbox_backup() { local mailbox="$1" local mailhost="$2" local search_query="$3" local backup_file=$4

    [ -n "$search_query" ] && search_query="&$search_query"

    #Because sporadic ssl error, we will try several times. See issues 35.
    for i in 1 2 3 4;do
            ret=0; $CURL_cmd $CURL_args -u $ADMINUSER:$ADMINPASS -o "$backup_file" \
                    "https://$mailhost:7071/home/$mailbox/?fmt=tgz$search_query" || ret=$?
            case $ret in 
                    35) debug "Try $i to https://$mailhost:7071 failed by SSL error";; 
                    0) return 0;;
                    *) debug "Curl exiting with error code $ret"; return 1;;
            esac
    done
    error "Backup failed after several attempts"
    return 1

}

'''

monaengine commented 10 years ago

work fine! thank you