How to change the max size for file upload on AOLServer/CentOS 6?

Question

We have a portal for our customers that allow them to start new projects directly on our platform. The problem is that we cannot upload documents bigger than 10MO.

Every time I try to upload a file bigger than 10Mo, I have a "The connection was reset" error. After some research it seems that I need to change the max size for uploads but I don't know where to do it. I'm on CentOS 6.4/RedHat with AOL Server. Language: TCL.

Anyone has an idea on how to do it?

EDIT

In the end I could solve the problem with the command ns_limits set default -maxupload 500000000.

What unit is “MO”? Is it related to a megabyte? – Donal Fellows Mar 27 '19 at 15:08 — Donal Fellows, Mar 27 '19 at 15:08
«mégaoctet» pour les français – mrcalvin Mar 27 '19 at 15:14 — mrcalvin, Mar 27 '19 at 15:14
@Simon: Any reason you are not using NaviServer? – mrcalvin Mar 27 '19 at 15:15 — mrcalvin, Mar 27 '19 at 15:15
Yes sorry it's megabyte in english! – Simon Mar 27 '19 at 15:17 — Simon, Mar 27 '19 at 15:17
@mrcalvin I had to use what we already had unfortunately... – Simon Mar 27 '19 at 15:19 — Simon, Mar 27 '19 at 15:19

score 3 · Answer 1 · answered Mar 27 '19 at 15:12

3

In your config.tcl, add the following line to the nssock module section:

 set max_file_upload_mb 25
 # ...      
 ns_section ns/server/${server}/module/nssock
     # ...
     ns_param maxinput [expr {$max_file_upload_mb * 1024 * 1024}]
     # ...

It is also advised to constrain the upload times, by setting:

 set max_file_upload_min 5
 # ...      
 ns_section ns/server/${server}/module/nssock
     # ...
     ns_param  recvwait  [expr {$max_file_upload_min * 60}]

If running on top of nsopenssl, you will have to set those configuration values (maxinput, recvwait) in a different section.

answered Mar 27 '19 at 15:12

mrcalvin

3,291
12
18

Thank you for the answer. Actually in my `config.tcl` the maxinput was already set to `[expr 30 * 1024 * 1024]` and recvwait to `[expr 5 * 60]`. I am running `nsopenssl`, where should I set the configuration? – Simon Mar 27 '19 at 15:38
1

Did you read up the referenced page? It depends on your `nsopenssl` module section, sth. like `ns_section "ns/server/${servername}/module/nsopenssl/ssldriver/example`, with the trailing element `example` corresponding to what is set in main `ssldrivers` (plural!) section. – mrcalvin Mar 27 '19 at 15:42
Yes sorry I didn't notice where the changes were to be made at first. I have set both the ssldrivers for users and admins that were defined to maxinput `[expr 1024 * 1024 * 100]` but nothing has changed... I have restarted the server as well. Is there anything else that need to be done? – Simon Mar 27 '19 at 16:04
1

Can you post your config file? Anything suspicious in the `error.log`? – mrcalvin Mar 27 '19 at 16:32
1

What `nsopenssl` version are you running? How did you obtain it? – mrcalvin Mar 27 '19 at 16:41
Here is the config file : [config.file](https://drive.google.com/open?id=1hplBheq-VwKPBp1qlPRFSAAhRZ1uqF7Z) – Simon Mar 28 '19 at 08:46
My openssl version: `OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008`. It was already installed. I couldn't find anything suspicous related to the problem in the error log... – Simon Mar 28 '19 at 08:49
1

As for the `config.tcl`: Is this setup correct, for e.g., the sslcontext "admins" is not defined (commented out)? Also: I meant the version (way of obtaining) the AOLServer `nsopenssl` module, and not OpenSSL. Maybe it is better to reach out to the [OpenACS forums](https://openacs.org/forums/forum-view?forum_id=14014), there might be still some that can help you in investigating your setup. – mrcalvin Mar 28 '19 at 09:12
To be frank I'm not sure for the setup since I never updated the config file before. The thing is it was working fine before apparently. Just to be sure: what else might be the cause of such error? Could a firewall or something else prevent larger files to be uplaoded? – Simon Mar 28 '19 at 14:14

TrojanName · Answer 2 · 2019-03-28T19:35:22.843

2

I see that you are running Project Open. As well as setting the maxinput value for AOLserver, as described by mrcalvin, you also need to set 2 parameters in the Site Map:

Attachments package: parameter "MaximumFileSize"
File Storage package: parameter "MaximumFileSize"

These should be set to values in bytes, but not larger than the maxinput value for AOLserver. See the Project Open documentation for more info.

In the case where you are running Project Open using a reverse proxy, check the documentation here for Pound and here for Nginx. Most likely you will need to set a larger file upload limit there too.

edited Mar 28 '19 at 19:35

answered Mar 28 '19 at 09:56

TrojanName

4,853
5
29
41

Thank your for your answer. Both packages are installed. Attachments is set to **4096000** and File Storage to **524288000**. Are those expected values? Where can I find the systemwide AOLServer parameter maxinput? – Simon Mar 28 '19 at 14:08
1

The AOLserver maxinput parameter is the one mrcalvin explained to you. Regarding expected values, you could try making all 3 values the same. Don't forget to restart AOLserver, and test the result. – TrojanName Mar 28 '19 at 14:21
1

@Simon reflecting on this further, I suspect that older versions of PO didn't run natively under SSL, but instead used Nginx or other reverse proxy. This might explain the reason you are hitting the 10mb limit. In the config file you posted, AOLserver is listening on port 8000, which suggests that something else is listening on port 80. – TrojanName Mar 28 '19 at 19:30
1

I have updated my answer with suggestions for setting the file upload limit in the reverse proxy – TrojanName Mar 28 '19 at 19:36
I am indeed using pound as a reverse proxy. I added the line `MaxRequest 524288000` in the **ListenHTTP** section, but I still can't upload 10mb files... – Simon Mar 29 '19 at 08:27
1

@Simon, at this point you would need to do some debugging. For example, connect directly to the AOLserver on port 8000, and see if the file upload works. Check error and access logs for more details. Add some logging in the relevant Attachments or File Storage scripts. Eliminate any firewalls or other networking issues. – TrojanName Mar 29 '19 at 09:35
Sorry for the late answer I had to finish another project. I had a look in the pound logs and saw that line **pound: (2abbc4c37940) e500 error copy client cont to 0.0.0.0:8000/POST /intranet-filestorage/upload-2.tcl HTTP/1.1: Connection reset by peer (0.001 sec)**. Has it something to do with the timeout setting? – Simon Apr 04 '19 at 09:41
1

At this point, I would bypass Pound, and directly login to AOLserver on port :8000 and then try the file upload. You could even add some logging in upload-2.tcl e.g. ns_log Notice "upload-2: HERE I AM" – TrojanName Apr 04 '19 at 13:45
1

Actually, just looking at upload-2.tcl I see that there is another parameter that I wasn't previously aware of: MaxNumberOfBytes - this might be worth checking. However, it should give you an error message if you exceed that. – TrojanName Apr 04 '19 at 13:47
1

In the end I could solve the problem with the command `ns_limits set default -maxupload 500000000`. Thank you for all your help! – Simon Apr 05 '19 at 08:14

How to change the max size for file upload on AOLServer/CentOS 6?

2 Answers2