Welcome! Log In Create A New Profile

Re: Memory leak in outgoing https connections

Forum List Message List New Topic Print View

Maxim Dounin

July 21, 2011 06:00PM

Hello!

On Thu, Jul 21, 2011 at 12:44:50PM -0400, knyar wrote:

> Hi!
>
> I believe, there is a memory leak in nginx somewhere in handling
> outgoing HTTPS connections. I am using it as a simple http-to-https
> proxy. My configuration is the following:
>
> resolver 8.8.8.8;
> server {
> listen 127.0.0.1:81;
> server_name localhost;
> access_log off;
> location / {
> proxy_pass $http_x_proxy_url;
> }
> }
>
> When I try to run something like:
> bash -c "while :; do curl -H 'X-Proxy-Url: https://any-https-site.tld/'
> http://localhost:81/; done"
>
> I see nginx eating more and more memory with each request.

Thank you for report, attached patch fixes the leak.

Workaround is "proxy_ssl_session_reuse off;".

Maxim Dounin
# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1311285311 -14400
# Node ID 024d5976f5410e49fcbf4fc967bb0d0a28568c0f
# Parent 9b978fa3cd3356f633d83adb05bcdf5c55dd487a
Upstream: fix memory leak with resolved peers and ssl.

As round robin peers created with ngx_http_upstream_create_round_robin_peer()
are allocated from request pool saved ssl sessions leaked on request
destruction. Since saving sessions is useless here anyway (each peer is only
used once) - fix this by not saving sessions at all.

diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c
--- a/src/http/ngx_http_upstream_round_robin.c
+++ b/src/http/ngx_http_upstream_round_robin.c
@@ -15,6 +15,16 @@ static ngx_uint_t
ngx_http_upstream_get_peer(ngx_http_upstream_rr_peers_t *peers);

+#if (NGX_HTTP_SSL)
+
+static ngx_int_t ngx_http_upstream_dummy_set_session(ngx_peer_connection_t *pc,
+ void *data);
+static void ngx_http_upstream_dummy_save_session(ngx_peer_connection_t *pc,
+ void *data);
+
+#endif
+
+
ngx_int_t
ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
ngx_http_upstream_srv_conf_t *us)
@@ -343,10 +353,8 @@ ngx_http_upstream_create_round_robin_pee
r->upstream->peer.free = ngx_http_upstream_free_round_robin_peer;
r->upstream->peer.tries = rrp->peers->number;
#if (NGX_HTTP_SSL)
- r->upstream->peer.set_session =
- ngx_http_upstream_set_round_robin_peer_session;
- r->upstream->peer.save_session =
- ngx_http_upstream_save_round_robin_peer_session;
+ r->upstream->peer.set_session = ngx_http_upstream_dummy_set_session;
+ r->upstream->peer.save_session = ngx_http_upstream_dummy_save_session;
#endif

return NGX_OK;
@@ -688,6 +696,20 @@ ngx_http_upstream_free_round_robin_peer(

#if (NGX_HTTP_SSL)

+static ngx_int_t
+ngx_http_upstream_dummy_set_session(ngx_peer_connection_t *pc, void *data)
+{
+ return NGX_OK;
+}
+
+
+static void
+ngx_http_upstream_dummy_save_session(ngx_peer_connection_t *pc, void *data)
+{
+ return;
+}
+
+
ngx_int_t
ngx_http_upstream_set_round_robin_peer_session(ngx_peer_connection_t *pc,
void *data)
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Memory leak in outgoing https connections	knyar	July 21, 2011 12:44PM
Re: Memory leak in outgoing https connections	Maxim Dounin	July 21, 2011 06:00PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 190

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018