[PYTHON-CRYPTO] Memoryleak in SSL.Connection

Ng Pheng Siong ngps at POST1.COM
Mon Apr 5 16:36:37 CEST 2004

On Thu, Apr 01, 2004 at 11:25:53PM +0200, Andre Reitz wrote:
> I am pretty sure, that since the Connection object
> gets garbage collected (and the __del__ method gets called)
> the server sometimes hangs completely.
> [...]
> Is it possible that:
>    m2.bio_free(self.sslbio)
>    m2.bio_free(self.sockbio)
> or self.socket.close()
> may hang if the client does not finish the connection completely?

Perhaps the server is waiting for SSL connection-close alerts, and
OpenSSL isn't allowing the session to be harvested?

E.g., running echo.py, see the ALERTs at the end:

  INFO: SSL connect: SSL negotiation finished successfully
  Host = vista.netmemetic.com
  Cipher = DHE-RSA-AES256-SHA
  Server = /C=SG/O=M2Crypto/CN=localhost/emailAddress=admin at server.example.dom
  ALERT: read: warning: close notify
  ALERT: write: warning: close notify

Before your server calls self.socket.close(), try calling this:


This says to set the SSL 'shutdown' state to "sent shutdown" and "received
shutdown". The precise behaviour is described in the TLS RFC.

Are your clients in Python?

Ng Pheng Siong <ngps at netmemetic.com>

http://firewall.rulemaker.net -+- Firewall Change Management & Version Control
http://sandbox.rulemaker.net/ngps -+- Open Source Python Crypto & SSL

More information about the python-crypto mailing list