From: Zoltan F. <zol...@us...> - 2003-01-08 11:16:43
|
Martin Sjögren wrote: > > Would you mind detailing the exact test script you used? With the > following script > === > from OpenSSL import SSL > import socket > > while 1: > ctx = SSL.Context(SSL.TLSv1_METHOD) > conn = SSL.Connection(ctx, socket.socket()) > === > running on Debian unstable, using OpenSSL 0.9.6g, pyOpenSSL 0.5.1 and > Python 2.2.2 I can't detect any leaking at all (monitoring it in top > while it's running) same results for me... > > Am I misunderstanding you? > > > I tried running > > python server.py 2000 >& /dev/null > > and > > while true; do echo foo | python client.py localhost 2000; done >& > /dev/null > > and the memory usage of the server did increase, but very very very > slowly, it took several *minutes* for it to reach 5% of my total memory > (256M), and then I sat watching it for several more minutes and it never > went over 6.1%. I don't know what to make of it. :) > this method for me results in constantly growing memory usage of the server (about 10-20MB per minute). and the id of the Connection object is constantly changing (growing), while the Context remains the same (as expected), so i'm assuming the Connection objects returned by the accept method do not get deleted. (i tied to explicitly delete both the connection object and its context, but the leak remained). > > /Martin the script i was using follows: #!/bin/env python import os import time import socket import OpenSSL.SSL import OpenSSL.tsafe keydir = '/data/devel/triton/source/key' ca_cf = os.path.normpath(os.path.join(keydir, 'ca.cert')) ca_kf = os.path.normpath(os.path.join(keydir, 'ca.key')) server_cf = os.path.normpath(os.path.join(keydir, 'svr.cert')) server_kf = os.path.normpath(os.path.join(keydir, 'svr.key')) client_cf = os.path.normpath(os.path.join(keydir, 'clt.cert')) client_kf = os.path.normpath(os.path.join(keydir, 'clt.key')) class client: def __init__(self): self.ctx = OpenSSL.SSL.Context(OpenSSL.SSL.TLSv1_METHOD) self.ctx.set_verify(OpenSSL.SSL.VERIFY_PEER, self.verifycb) self.ctx.use_privatekey_file(client_kf) self.ctx.use_certificate_file(client_cf) self.ctx.load_verify_locations(ca_cf) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) self.co = OpenSSL.tsafe.Connection(self.ctx, sock) def verifycb(self, conn, cert, errnum, depth, ok): return ok if __name__ == '__main__': time.sleep(5) for i in range(10000): print i clt = client() clt.co.close() del clt.ctx del clt.co time.sleep(10) when both the del clt.ctx and del clt.co lines are there, there is no leak at all. if both of them are commented out, the memory usage goes to about 100MB, and if only the context is deleted, the memory usage is about 80MB. all tests are done on Red Hat 8.0, both with the standard python and openssl, and with self compiled ones, the results are the same. (when using the OpenSSL.SSL.Connection instead of the tsafe one, nothing changes). i cannot exactly recall the results of using a statically linked openssl right now, but the leak was there too. i will test it both on Red Hat 7.3 and Windows, and send the results. right now i'm totally clueless. any suggestions? zoltan |