axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Steve Leland (JIRA)" <j...@apache.org>
Subject [jira] Issue Comment Edited: (AXIS2C-1237) SSL related memory leak
Date Mon, 28 Jun 2010 15:03:02 GMT

    [ https://issues.apache.org/jira/browse/AXIS2C-1237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12883168#action_12883168
] 

Steve Leland edited comment on AXIS2C-1237 at 6/28/10 11:01 AM:
----------------------------------------------------------------

Hi,

I am running on Windows Server 2008 R2, using a build I made Saturday (svn 957643) which staticly
links in Openssl 0.9.8o, and find it to have the same problems as the 1.6.0 release in not
being able to properly terminate its ssl processing - which leads to the stack reported in
this bug report.

The problem starts in http_sender.c axis2_http_sender_process_response(), where the ssl stream
is added to a property which uses axutil_stream_free_void_arg as the free_func.  For ssl streams
it should be axis2_ssl_stream_free().

The next issue is that the socket is closed prematurely by Axis2c code in http_client.c axis2_http_client_free().
 Openssl's SSL_shutdown() and SSL_Free() should be allowed to do that when their internal
reference counts indicate it's time.

The final issue issue is that the SSL structure is never freed in ssl_utils.c axis2_ssl_utils_cleanup_ssl
with a call to SSL_free().

Diffs:

Index: src/core/transport/http/sender/http_client.c
===================================================================
--- src/core/transport/http/sender/http_client.c (revision 958144)
+++ src/core/transport/http/sender/http_client.c (working copy)
@@ -120,7 +120,15 @@
     }
     if(-1 != http_client->sockfd)
     {
+#ifdef AXIS2_SSL_ENABLED
+  if (http_client->data_stream->stream_type == AXIS2_STREAM_SOCKET)
+         axutil_network_handler_close_socket(env, http_client->sockfd);
+//  else // ssl streams are AXIS2_STREAM_BASIC
+//   will be handled in SSL_shutdown()
+#else
         axutil_network_handler_close_socket(env, http_client->sockfd);
+#endif
+
         http_client->sockfd = -1;
     }
 


Index: src/core/transport/http/sender/http_sender.c
===================================================================
--- src/core/transport/http/sender/http_sender.c (revision 958144)
+++ src/core/transport/http/sender/http_sender.c (working copy)
@@ -43,6 +43,13 @@
 #define CLIENT_NONCE_LENGTH 8
 #endif
 
+// expose private function is sender\ssl\ssl_stream.
+#ifdef AXIS2_SSL_ENABLED
+void AXIS2_CALL axis2_ssl_stream_free(
+    axutil_stream_t * stream,
+    const axutil_env_t * env);
+#endif
+
 struct axis2_http_sender
 {
     axis2_char_t *http_version;
@@ -1594,7 +1601,16 @@
         response, env));
     property = axutil_property_create(env);
     axutil_property_set_scope(property, env, AXIS2_SCOPE_REQUEST);
-    axutil_property_set_free_func(property, env, axutil_stream_free_void_arg);
+// fix ssl memory leak
+#ifdef AXIS2_SSL_ENABLED
+ if (in_stream->stream_type == AXIS2_STREAM_SOCKET)
+     axutil_property_set_free_func (property, env, axutil_stream_free_void_arg);
+ else // ssl streams are AXIS2_STREAM_BASIC
+     axutil_property_set_free_func (property, env, axis2_ssl_stream_free);
+#else
+     axutil_property_set_free_func (property, env, axutil_stream_free_void_arg);
+#endif
+
     axutil_property_set_value(property, env, in_stream);
     axis2_msg_ctx_set_property(msg_ctx, env, AXIS2_TRANSPORT_IN, property);
     AXIS2_LOG_TRACE(env->log, AXIS2_LOG_SI, "Exit:axis2_http_sender_process_response");


Index: src/core/transport/http/sender/ssl/ssl_utils.c
===================================================================
--- src/core/transport/http/sender/ssl/ssl_utils.c (revision 958144)
+++ src/core/transport/http/sender/ssl/ssl_utils.c (working copy)
@@ -214,7 +214,10 @@
 
     if (ssl)
     {
-        SSL_shutdown(ssl);
+        if (SSL_shutdown(ssl) == 0)
+  {
+   SSL_free(ssl);
+  }
     }
     if (ctx)
     {

Regards,
Steve

      was (Author: stevel):
    Hi,

I am running on Windows Server 2008 R2, using a build I made Saturday (svn 957643) which staticly
links in Openssl 0.9.8o, and find it to have the same problems as the 1.6.0 release in not
being able to properly terminate its ssl processing.  

The problem starts in http_sender.c axis2_http_sender_process_response(), where the ssl stream
is added to a property which uses axutil_stream_free_void_arg as the free_func.  For ssl streams
it should be axis2_ssl_stream_free().

The next issue is that the socket is closed prematurely by Axis2c code in http_client.c axis2_http_client_free().
 Openssl's SSL_shutdown() and SSL_Free() should be allowed to do that when their internal
reference counts indicate it's time.

The final issue issue is that the SSL structure is never freed in ssl_utils.c axis2_ssl_utils_cleanup_ssl
with a call to SSL_free().

Diffs:

Index: src/core/transport/http/sender/http_client.c
===================================================================
--- src/core/transport/http/sender/http_client.c (revision 958144)
+++ src/core/transport/http/sender/http_client.c (working copy)
@@ -120,7 +120,15 @@
     }
     if(-1 != http_client->sockfd)
     {
+#ifdef AXIS2_SSL_ENABLED
+  if (http_client->data_stream->stream_type == AXIS2_STREAM_SOCKET)
+         axutil_network_handler_close_socket(env, http_client->sockfd);
+//  else // ssl streams are AXIS2_STREAM_BASIC
+//   will be handled in SSL_shutdown()
+#else
         axutil_network_handler_close_socket(env, http_client->sockfd);
+#endif
+
         http_client->sockfd = -1;
     }
 


Index: src/core/transport/http/sender/http_sender.c
===================================================================
--- src/core/transport/http/sender/http_sender.c (revision 958144)
+++ src/core/transport/http/sender/http_sender.c (working copy)
@@ -43,6 +43,13 @@
 #define CLIENT_NONCE_LENGTH 8
 #endif
 
+// expose private function is sender\ssl\ssl_stream.
+#ifdef AXIS2_SSL_ENABLED
+void AXIS2_CALL axis2_ssl_stream_free(
+    axutil_stream_t * stream,
+    const axutil_env_t * env);
+#endif
+
 struct axis2_http_sender
 {
     axis2_char_t *http_version;
@@ -1594,7 +1601,16 @@
         response, env));
     property = axutil_property_create(env);
     axutil_property_set_scope(property, env, AXIS2_SCOPE_REQUEST);
-    axutil_property_set_free_func(property, env, axutil_stream_free_void_arg);
+// fix ssl memory leak
+#ifdef AXIS2_SSL_ENABLED
+ if (in_stream->stream_type == AXIS2_STREAM_SOCKET)
+     axutil_property_set_free_func (property, env, axutil_stream_free_void_arg);
+ else // ssl streams are AXIS2_STREAM_BASIC
+     axutil_property_set_free_func (property, env, axis2_ssl_stream_free);
+#else
+     axutil_property_set_free_func (property, env, axutil_stream_free_void_arg);
+#endif
+
     axutil_property_set_value(property, env, in_stream);
     axis2_msg_ctx_set_property(msg_ctx, env, AXIS2_TRANSPORT_IN, property);
     AXIS2_LOG_TRACE(env->log, AXIS2_LOG_SI, "Exit:axis2_http_sender_process_response");


Index: src/core/transport/http/sender/ssl/ssl_utils.c
===================================================================
--- src/core/transport/http/sender/ssl/ssl_utils.c (revision 958144)
+++ src/core/transport/http/sender/ssl/ssl_utils.c (working copy)
@@ -214,7 +214,10 @@
 
     if (ssl)
     {
-        SSL_shutdown(ssl);
+        if (SSL_shutdown(ssl) == 0)
+  {
+   SSL_free(ssl);
+  }
     }
     if (ctx)
     {

Regards,
Steve
  
> SSL related memory leak
> -----------------------
>
>                 Key: AXIS2C-1237
>                 URL: https://issues.apache.org/jira/browse/AXIS2C-1237
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: transport/http
>    Affects Versions: 1.4.0
>         Environment: Fedora 9 (i386), openssl-0.9.8g-9.fc9
>            Reporter: Rafal Metkowski
>            Assignee: S.Uthaiyashankar
>             Fix For: 1.7.0
>
>
> I've written small client using Axis2C and I've noticed memory leaks
> when connecting to service with https.
> I've checked with the valgrind and got following results:
> valgrind --leak-check=full
> ==8057== 58,000 (292 direct, 57,708 indirect) bytes in 1 blocks are
> definitely lost in loss record 9 of 9
> ==8057==    at 0x4006AEE: malloc (vg_replace_malloc.c:207)
> ==8057==    by 0x7B4E4CD: (within /lib/libcrypto.so.0.9.8g)
> ==8057==    by 0x7B4EB4E: CRYPTO_malloc (in /lib/libcrypto.so.0.9.8g)
> ==8057==    by 0x34C529: SSL_new (in /lib/libssl.so.0.9.8g)
> ==8057==    by 0x40EB9C2: axis2_ssl_utils_initialize_ssl (ssl_utils.c:133)
> ==8057==    by 0x40EB7E6: axutil_stream_create_ssl (ssl_stream.c:104)
> ==8057==    by 0x40EABB1: axis2_http_client_send (http_client.c:216)
> ==8057==    by 0x40E8A9D: axis2_http_sender_send (http_sender.c:1064)
> ==8057==    by 0x40E32B4: axis2_http_transport_sender_write_message
> (http_transport_sender.c:771)
> ==8057==    by 0x40E3AC3: axis2_http_transport_sender_invoke
> (http_transport_sender.c:306)
> ==8057==    by 0x407DF6A: axis2_engine_send (engine.c:176)
> ==8057==    by 0x40A5BAB: axis2_op_client_two_way_send (op_client.c:1157)
> .......
> ==8057== LEAK SUMMARY:
> ==8057==    definitely lost: 332 bytes in 4 blocks.
> ==8057==    indirectly lost: 57,900 bytes in 596 blocks.
> ==8057==      possibly lost: 0 bytes in 0 blocks.
> ==8057==    still reachable: 28,292 bytes in 1,887 blocks.
> ==8057==         suppressed: 0 bytes in 0 blocks.
> As I expected when I changed https to plain http the problem disapeared:
> ==9065== LEAK SUMMARY:
> ==9065==    definitely lost: 40 bytes in 3 blocks.
> ==9065==    indirectly lost: 192 bytes in 6 blocks.
> ==9065==      possibly lost: 0 bytes in 0 blocks.
> ==9065==    still reachable: 300 bytes in 3 blocks.
> ==9065==         suppressed: 0 bytes in 0 blocks. 
> I looked at the code and it seems axis2_ssl_utils_cleanup_ssl function isn't called in
case of successful connection.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: c-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: c-dev-help@axis.apache.org


Mime
View raw message