[PYTHON-CRYPTO] Memoryleak in SSL.Connection
Andre Reitz
reitz at INWORKS.DE
Mon Apr 5 23:08:07 CEST 2004
On Mon, 5 Apr 2004 22:36:37 +0800
Ng Pheng Siong <ngps at POST1.COM> wrote:
> On Thu, Apr 01, 2004 at 11:25:53PM +0200, Andre Reitz wrote:
> > I am pretty sure, that since the Connection object
> > gets garbage collected (and the __del__ method gets called)
> > the server sometimes hangs completely.
> > [...]
> > IN OTHER WORDS:
> > Is it possible that:
> > m2.bio_free(self.sslbio)
> > m2.bio_free(self.sockbio)
> > or self.socket.close()
> > may hang if the client does not finish the connection completely?
>
> Perhaps the server is waiting for SSL connection-close alerts, and
> OpenSSL isn't allowing the session to be harvested?
>
> E.g., running echo.py, see the ALERTs at the end:
>
> INFO: SSL connect: SSL negotiation finished successfully
> Host = vista.netmemetic.com
> Cipher = DHE-RSA-AES256-SHA
> Server = /C=SG/O=M2Crypto/CN=localhost/emailAddress=admin at server.example.dom
> ALERT: read: warning: close notify
> ALERT: write: warning: close notify
>
> Before your server calls self.socket.close(), try calling this:
>
> self.socket.set_shutdown(SSL.SSL_SENT_SHUTDOWN|SSL.SSL_RECEIVED_SHUTDOWN)
>
Ok I will try it...
> This says to set the SSL 'shutdown' state to "sent shutdown" and "received
> shutdown". The precise behaviour is described in the TLS RFC.
>
> Are your clients in Python?
>
yes. but the clients dont use M2Crypto.
They use socket.ssl from the standard distribution.
Greetings, Andre'
>
> --
> Ng Pheng Siong <ngps at netmemetic.com>
>
> http://firewall.rulemaker.net -+- Firewall Change Management & Version Control
> http://sandbox.rulemaker.net/ngps -+- Open Source Python Crypto & SSL
More information about the python-crypto
mailing list