Skip Menu |

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 68073
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL
People
Owner: Nobody in particular
Requestors: oleg [...] cpan.org
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 1.40

History Show all quoted text
  Tue May 10 07:30:34 2011 oleg [...] cpan.org - Ticket created
Subject: Memory leak in server mode
Script to reproduce: use IO::Socket::SSL; use strict; my $serv = IO::Socket::SSL->new( Listen => 100, SSL_key_file => 'ca.key', SSL_cert_file => 'ca.crt', LocalPort => 443 ) or die $@; while (1) { my $client = $serv->accept() or next; $client->close(); } Start this script and run loop like below from command line: while true; do curl -k https://localhost; done Memory usage of perl process grows without stopping
  Tue May 10 08:17:23 2011 Steffen_Ullrich [...] genua.de - Correspondence added
Subject: Re: [rt.cpan.org #68073] Memory leak in server mode
Date: Tue, 10 May 2011 14:17:09 +0200
To: Oleg G via RT <bug-IO-Socket-SSL [...] rt.cpan.org>
From: Steffen Ullrich <Steffen_Ullrich [...] genua.de>
Hi Oleg, Show quoted text
> ... > Start this script and run loop like below from command line: > while true; do curl -k https://localhost; done > Memory usage of perl process grows without stopping >
thanks for reporting the bug. The interesting thing is, that I can see the memory increase with curl, but not with openssl s_client or wget. I will look further into it, but it will probably take some time. Regards, Steffen -- GeNUA Gesellschaft für Netzwerk - und Unix-Administration mbH Domagkstr. 7, D-85551 Kirchheim. http://www.genua.de Tel: (089) 99 19 50-0, Fax: (089) 99 10 50 - 999 Geschäftsführer: Dr. Magnus Harlander, Dr. Michaela Harlander, Bernhard Schneck. Amtsgericht München HRB 98238
  Tue May 10 08:17:24 2011 The RT System itself - Status changed from 'new' to 'open'
  Tue May 10 09:37:48 2011 Steffen_Ullrich [...] genua.de - Correspondence added
It's not a memory leak, it's the session cache. Contrary to s_client and wget, curl requests that the current session gets added to the servers session cache. By default (default of openssl or Net::SSLeay, I don't know) the session cache has a size of 20480, so it will add sessions to the cache and thus claim memory until it reaches a size of 20480 and only then expire sessions and free memory. Setting the session cache from IO::Socket::SSL is cumbersome, but for now you can do it with: Net::SSLeay::CTX_sess_set_cache_size(${*$serv}{_SSL_ctx}{context},128); This limits the size to 128 entries. Using this value it reclaims memory much faster. I will probably document this behavior and make it adjustable from IO::Socket::SSL in one of the next releases. Regards, Steffen
  Tue May 10 09:37:49 2011 Steffen_Ullrich [...] genua.de - Status changed from 'open' to 'resolved'
  Tue May 10 10:08:02 2011 Steffen_Ullrich [...] genua.de - Correspondence added
issue is document in 1.42 and better workaround is shown in the documentation using the new SSL_create_ctx_callback argument
  Tue May 10 10:08:02 2011 The RT System itself - Status changed from 'resolved' to 'open'
  Tue May 10 10:11:34 2011 oleg [...] cpan.org - Correspondence added
On Tue May 10 10:08:02 2011, SULLR wrote: Show quoted text
> issue is document in 1.42 and better workaround is shown in the > documentation using the new SSL_create_ctx_callback argument
Thanks!
  Tue May 10 10:15:12 2011 oleg [...] cpan.org - Status changed from 'open' to 'resolved'