[Bug 1899841] Re: Leaks memory on client disconnect while using TLS
Robie Basak
1899841 at bugs.launchpad.net
Thu Oct 29 11:13:45 UTC 2020
This is fixed in 2.4.4-4 in Groovy onwards by Debian switching the
package to OpenSSL.
** Description changed:
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect.
Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using
OpenSSL rather than WolfSSL, while the other would be to apply a tiny
patch that was written by one of the WolfSSL contributors and is
attached.
I tested both solutions and they most certainly do solve the problem.
One can easily test by setting up icecast2, connecting a source client,
then creating a loop with wget to generate a lot of connect/disconnect
noise.
-
[Impact]
- Anyone that uses TLS will be affected.
-
+ Anyone that uses TLS will be affected by a memory leak.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2,
darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD
:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
-
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is
going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to
switching out TLS backends, but perhaps has been tested more.
+ Code that handles edge case SSL protocol handling is being adjusted.
~Unit 193
** Also affects: icecast2 (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: icecast2 (Ubuntu)
Status: New => Fix Released
** Changed in: icecast2 (Ubuntu Focal)
Status: New => In Progress
** Changed in: icecast2 (Ubuntu Focal)
Assignee: (unassigned) => Unit 193 (unit193)
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1899841
Title:
Leaks memory on client disconnect while using TLS
Status in Icecast:
Unknown
Status in icecast2 package in Ubuntu:
Fix Released
Status in icecast2 source package in Focal:
In Progress
Status in icecast2 package in Debian:
Unknown
Bug description:
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect.
Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using
OpenSSL rather than WolfSSL, while the other would be to apply a tiny
patch that was written by one of the WolfSSL contributors and is
attached.
I tested both solutions and they most certainly do solve the problem.
One can easily test by setting up icecast2, connecting a source
client, then creating a loop with wget to generate a lot of
connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected by a memory leak.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2,
darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD
:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients
is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to
switching out TLS backends, but perhaps has been tested more.
Code that handles edge case SSL protocol handling is being adjusted.
~Unit 193
To manage notifications about this bug go to:
https://bugs.launchpad.net/icecast/+bug/1899841/+subscriptions
More information about the Ubuntu-sponsors
mailing list