AOLserver

Tracker: Bugs

8 nsopenssl leaks SSL obj. mem w/Keep-Alive - ID: 1160850

Last Update: Comment added ( dossy )

Details:

Summary:

nsopenssl leaks memory (the SSL obj. structure) on
subsequent HTTP requests in a persistent (Keep-Alive)
connection.

Thanks to Christopher Bowman of Wayport.net for
identifying this leak.

Details:

AOLserver 4.0.10
nsopenssl v3_0beta26
OpenSSL 0.9.7e 25 Oct 2004

Submitted:

Dossy Shiobara ( dossy ) - 2005-03-10 19:26

Priority:

Status:

Closed

Resolution:

Fixed

Assigned:

Dossy Shiobara

Category:

Modules: nsopenssl (SSL)

Group:

aolserver_v40

Visibility:

Public

Comments ( 3 )

Date: 2005-03-11 17:04 Sender: dossy Logged In: YES user_id=21885 As a side note, a temporary work-around for AOLserver 4.0.10 and earlier could be to disable HTTP Keep-Alive with the following config. directives: ns_section "ns/parameters" ns_param keepalivetimeout 0 Unfortunately this is server-wide and not per-socket driver.
Date: 2005-03-11 16:55 Sender: dossy Logged In: YES user_id=21885 Patch committed to aolserver_v40_bp branch for inclusion in AOLserver 4.0.11 release. Closing this ticket.
Date: 2005-03-11 03:27 Sender: dossy Logged In: YES user_id=21885 Steps to reproduce: 1. Generate self-signed SSL certificates, named "certificate.pem" and "key.pem". 2. Place those two files and the bug-1160850-config.tcl in the top-level directory of the AOLserver installation. 3. Create a test index.html 10K in size in the server's pageroot: $ dd if=/dev/zero of=servers/server1/pages/index.html bs=1024 count=10 4. Start the server: $ LD_LIBRARY_PATH=lib bin/nsd -ft bug-1160850-config.tcl -u nobody 5. Check the size of the nsd process (on Linux): $ ps -Ao pid,pmem,vsz,rss,args \| grep -- "nsd -ft bug-1160850-config.tcl" 6. Generate one SSL connection and send 10 Keep-Alive requests allowing each to time out after 3s (using bash shell): $ (i=0; while test $i -lt 10; do i=`expr $i + 1`; (echo "GET / HTTP/1.0"; echo "Connection: Keep-Alive"; echo "") \| openssl s_client -quiet -connect hostname:8443; done) 7. Check the size of the nsd process (on Linux): $ ps -Ao pid,pmem,vsz,rss,args \| grep -- "nsd -ft bug-1160850-config.tcl" ==== On my test host with AOLserver 4.0.10, I get (before and after): $ ps -Ao pid,pmem,vsz,rss,args \| grep -- "nsd -ft bug-1160850-config.tcl" 4197 0.3 15212 3720 bin/nsd -ft bug-1160850-config.tcl -u www -g www ... 4197 0.3 15856 4104 bin/nsd -ft bug-1160850-config.tcl -u www -g www VSZ (15856-15212=644) and RSS (4104-3720=384) both grew. After applying bug-1160850-v4010-patch-20050310.txt, I get (before and after): $ ps -Ao pid,pmem,vsz,rss,args \| grep -- "nsd -ft bug-1160850-config.tcl" 4444 0.3 15180 3684 bin/nsd -ft bug-1160850-config.tcl -u www -g www ... 4444 0.3 15244 3880 bin/nsd -ft bug-1160850-config.tcl -u www -g www VSZ (15244-15180=64) and RSS (3880-3684=196) both grew, but not as quickly as in the 4.0.10 case. Repeating the same test with 1,000 requests, we get: Before patch: $ ps -Ao pid,pmem,vsz,rss,args \| grep -- "nsd -ft bug-1160850-config.tcl" 4724 0.3 15212 3720 bin/nsd -ft bug-1160850-config.tcl -u www -g www ... 4724 2.5 71520 26048 bin/nsd -ft bug-1160850-config.tcl -u www -g www VSZ (71520-15212=56308), RSS (26048-3720=22328) After patch: $ ps -Ao pid,pmem,vsz,rss,args \| grep -- "nsd -ft bug-1160850-config.tcl" 14405 0.3 15180 3684 bin/nsd -ft bug-1160850-config.tcl -u www -g www ... 14405 0.3 15380 3996 bin/nsd -ft bug-1160850-config.tcl -u www -g www VSZ (15380-15180=200), RSS (3996-3684=312) This clearly illustrates the leak with 1,000 requests, it grew 56 MB (VSZ) compared to the 200K after the patch is applied.

Attached Files ( 2 )

Filename	Description	Download
bug-1160850-config.tcl	bug-1160850-config.tcl	Download
bug-1160850-v4010-patch-20050310.txt	patch against aolserver_v40_bp branch for 4.0.10	Download

Changes ( 5 )

Field	Old Value	Date	By
status_id	Open	2005-03-11 16:55	dossy
resolution_id	None	2005-03-11 16:55	dossy
close_date	-	2005-03-11 16:55	dossy
File Added	125094: bug-1160850-v4010-patch-20050310.txt	2005-03-11 03:31	dossy
File Added	125093: bug-1160850-config.tcl	2005-03-11 03:30	dossy

AOLserver

Tracker: Bugs

Comments ( 3 )

Attached Files ( 2 )

Changes ( 5 )

About SourceForge

Find Software

Develop Software

Community

Help