Archive for October, 2012
Recently we’ve been working on some payment related code and found that communication with PayPal’s Sandbox was constantly failing due to SSL related errors, such as these:
curl_exec error 35 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
curl_exec error 60 SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
As a result, we couldn’t test any code properly which led to a lot of frustration. As it turns out, we weren’t alone in this.
After trying to figure things out, testing our certificates and verifying everything was setup correctly we eventually realised that the PayPal PHP SDK actually has a mistake in it, and specifies the incorrect endpoints for their sandbox when using the API Signature communications method.
On page 25 of their API reference document (PDF) actually specifies the the API Signature and the API Certificate methods on the sandbox should be the same:
But this is not the case, an assertion I make supported by a different set of documentation on the PayPal site.
Fixing the Issue
The entries in the SDK you download are actually wrong so we edited our PayPal SDK files (
PayPal/wsdl/paypal-endpoints.php) to point as the correct endpoints specified in the latter document and everything worked fine.
We’ve been having an issue on one of our machines recently which uses rrdtool on zfs along side nfs where it wedges hard every few weeks. Machine is still pingable but won’t respond on existing or new sessions.
We believe we’ve just tracked down the issue to a leak in fadvise which rrdtool uses causing kvm exhaustion which in turn triggers a bug in zfs.
This leak has already been fixed in stable by svn r234661
Two little patches which add EDNS Client Subnet support that others may find useful:-
1. EDNS client Support for the perl module Net::DNS
2. BIND 9.6.-ESV-R5-P1 dig EDNS client Support (updated 2012-10-20)
#2 was based on Wilmer van der Gaast original BIND 9.7.1 patch
Simple one but something that’s not always obvious, to remount a ZFS root so its writable in single user mode, where its usually read-only, use:
mount -u /