cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Memory Leak on cached cred after Curl_schannel_session_free.

From: Marc Hörsken <info_at_marc-hoersken.de>
Date: Sat, 10 Jan 2015 17:48:51 +0100

Hello everyone,

I just took a look at this bug report by Jean-Francois and think that this is rather an issue with libcurl’s SSL/TLS session handling.
In my opinion the SSL/TLS sessions should not be freed before all SSL/TLS connections using it are fully closed down.
What does everyone else think about this?

Another alternative to the workaround provided by Jean-Francois would be to mark the session as not being cached any longer.
In that case the reference counter would be decremented and finally the session would be freed during individual connection shutdown.

This would also align to the current approach that the SChannel code uses to setup a new session if the old one is stale.
The stale session is deleted from the cache and the new one is put into it, while the stale session might still be used for active connections.

See the following lines:
https://github.com/bagder/curl/blob/curl-7_40_0/lib/vtls/curl_schannel.c#L129 <https://github.com/bagder/curl/blob/curl-7_40_0/lib/vtls/curl_schannel.c#L129>
https://github.com/bagder/curl/blob/curl-7_40_0/lib/vtls/curl_schannel.c#L544 <https://github.com/bagder/curl/blob/curl-7_40_0/lib/vtls/curl_schannel.c#L544>

Jean-Francois, would you mind trying the attached patch as an alternative workaround?
Thanks in advance.

Best regards,
Marc

> Am 08.01.2015 um 19:32 schrieb Jean-Francois Durand <jean-francois.durand_at_ubisoft.com>:
>
> Hi devs,
>
> When using multi and schannel (version 7.40), it happens that Curl_schannel_session_free (curl_schannel.c) can be called just after a curl_easy_cleanup but before the Curl_schannel_shutdown is done on a connection. It results that if the ssl credentials are cached, the refcount will not be 0. And then, they are not be freed.
>
> Furthermore, no leak happens when using openSSL. Here's how I managed to counter the leak when using schannel:
>
> (urldata.h)
>
> struct curl_schannel_cred {
> /* . */
> bool session_freed; ///New boolean
> /* . */
>
> (curl_schannel.h)
>
> void Curl_schannel_session_free(void *ptr)
> {
> struct curl_schannel_cred *cred = ptr;
>
> if(cred && cred->cached)
> {
> if(cred->refcount == 0)
> {
> s_pSecFn->FreeCredentialsHandle(&cred->cred_handle);
> Curl_safefree(cred);
> }
> else
> {
> cred->session_freed = true;
> }
> }
> }
>
> int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
> /* . */
> /* if the handle was not cached and the refcount is zero */
> if((!connssl->cred->cached && connssl->cred->refcount == 0) || connssl->cred->session_freed) {
> infof(data, "schannel: clear credential handle\n");
> s_pSecFn->FreeCredentialsHandle(&connssl->cred->cred_handle);
> Curl_safefree(connssl->cred);
> }
> /* . */
>
> Any thoughts or suggestions are welcome,
>
> Have a wonderful day,
>
> --
> Jean-Francois Durand
>
> -------------------------------------------------------------------
> List admin: http://cool.haxx.se/list/listinfo/curl-library
> Etiquette: http://curl.haxx.se/mail/etiquette.html

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

Received on 2015-01-10