| Summary: | Memory leak in function ssl_scache_dbm_retrieve(). | ||
|---|---|---|---|
| Product: | Apache httpd-2 | Reporter: | David Blake <dblake> |
| Component: | mod_ssl | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
| Status: | RESOLVED LATER | ||
| Severity: | normal | CC: | jatarifa, public |
| Priority: | P3 | Keywords: | FAQ, FixedInTrunk, MassUpdate, PatchAvailable |
| Version: | 2.1-HEAD | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | All | ||
| Attachments: | Patch containing fix for memory leak in ssl_scache_dbm_retrieve. | ||
|
Description
David Blake
2003-12-19 21:49:54 UTC
Created attachment 9649 [details]
Patch containing fix for memory leak in ssl_scache_dbm_retrieve.
PatchAvailable *** Bug 21376 has been marked as a duplicate of this bug. *** it seems we're affected by this bug too. we are running Apache/2.0.52 (Win32) mod_ssl/2.0.52 OpenSSL/0.9.7d on a NT box. apache is acting as SSL frontend and reverse proxy for a bunch of applications. the child process is starting at around 14M, rapidly growing to 30M and then constantly leaking memory. after 30k accesses, memory usage is at around 50M. as workaround, we set MaxRequestsPerChild 30000. Switching to shmcb is the best workaround. Thanks. Somehow I was convinced that only dbm would work for SSLSessionCache on win32 platforms. This was the case in 1.3, IIRC. use of shmcb prevents memory leak as described in comment #4. I would have proposed to make shmcb the default for SSLSessionCache, but this has already been done in HEAD: http://cvs.apache.org/viewcvs.cgi/httpd-2.0/docs/conf/ssl-std.conf.in?r1=1.6&r2=1.7 It would be great to see this backported to APACHE_2_0_BRANCH, eventualy with some update to docs (httpd.apache.org/docs-2.0/mod/mod_ssl.html#sslsessioncache) *** Bug 34039 has been marked as a duplicate of this bug. *** Sorry to anyone stuck in an infinite loop, see also Bug 44795 (mixed up bug, two issues, scroll to Michael's comments). (In reply to comment #10) > Sorry to anyone stuck in an infinite loop, see also Bug 44795 (mixed up bug, > two issues, scroll to Michael's comments). It is actually Bug 44975 intead of 44795. Fixed in trunk by makeing the the ssl session cache use mod_slotmem* Please help us to refine our list of open and current defects; this is a mass update of old and inactive Bugzilla reports which reflect user error, already resolved defects, and still-existing defects in httpd. As repeatedly announced, the Apache HTTP Server Project has discontinued all development and patch review of the 2.2.x series of releases. The final release 2.2.34 was published in July 2017, and no further evaluation of bug reports or security risks will be considered or published for 2.2.x releases. All reports older than 2.4.x have been updated to status RESOLVED/LATER; no further action is expected unless the report still applies to a current version of httpd. If your report represented a question or confusion about how to use an httpd feature, an unexpected server behavior, problems building or installing httpd, or working with an external component (a third party module, browser etc.) we ask you to start by bringing your question to the User Support and Discussion mailing list, see [https://httpd.apache.org/lists.html#http-users] for details. Include a link to this Bugzilla report for completeness with your question. If your report was clearly a defect in httpd or a feature request, we ask that you retest using a modern httpd release (2.4.33 or later) released in the past year. If it can be reproduced, please reopen this bug and change the Version field above to the httpd version you have reconfirmed with. Your help in identifying defects or enhancements still applicable to the current httpd server software release is greatly appreciated. |