EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSLClient Memory Leak

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#36225
Posted: 03/14/2016 11:18:57
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

For completeness, here is the entire set-up code for the SSL Client:

Code
        If mSSLClient Is Nothing Then
          mSSLClient = New TElSSLClient
        End If
        mSSLClient.Options = 0
        If mSSLVersions = 0 Then
          mSSLClient.Versions = Unit.sbTLS11 Or Unit.sbTLS1 Or Unit.sbSSL3 Or Unit.sbSSL2
        Else
          mSSLClient.Versions = mSSLVersions
        End If
        If mSSLCipherSuites.Length = 0 Then
          For J = Unit.SB_SUITE_FIRST + 1 To Unit.SB_SUITE_LAST - 1
            SSLCipherSuites(J) = True
          Next
        Else
          ResetCipherSuites(False)
          For J = Unit.SB_SUITE_FIRST + 1 To Unit.SB_SUITE_LAST - 1
            mSSLClient.CipherSuites(J) = mSSLCipherSuites(J)
            If J = 13 Then
              mSSLClient.CipherSuitePriorities(J) = 10
            End If
          Next
        End If
        If mSSLClient.CertStorage Is Nothing Then
          mSSLClient.CertStorage = gTrustedCertStore
        End If
        mSSLClient.CompressionAlgorithms(Unit.SSL_CA_NONE) = True
        mSSLClient.CompressionAlgorithms(Unit.SSL_CA_ZLIB) = False
        mSSLClient.Extensions.Clear()
        mSSLClient.Extensions.Heartbeat.Enabled = True
        mSSLClient.Extensions.SignatureAlgorithms.Enabled = False
        mSSLClient.Extensions.SignatureAlgorithms.EnableAllSupported()
        mSSLClient.Extensions.ECCurves.Enabled = True
        For I As Integer = SBSSLConstants.__Global.SB_EC_TLS_NAMED_CURVE_FIRST To SBSSLConstants.__Global.SB_EC_TLS_NAMED_CURVE_LAST
          mSSLClient.Extensions.ECCurves.SetCurves(I, True)
        Next
        mSSLClient.Extensions.ECPoints.SetPointType(0, True)
        mSSLClient.Extensions.ECPoints.SetPointType(1, True)
        mSSLClient.Extensions.ECPoints.SetPointType(2, True)
        mSSLClient.Extensions.ECPoints.Enabled = True
        mSSLClient.Extensions.RenegotiationInfo.Enabled = False
        mSSLClient.Enabled = False


I enable the SSL Client once a connection is established.


Charlie
#36226
Posted: 03/14/2016 11:51:24
by Ken Ivanov (EldoS Corp.)

Thank you Charlie, this definitely makes sense. We will try to reproduce your scenario locally and get back to you shortly.

Destroy and DestroyUnmanaged are internal methods which are not supposed to be called directly. Therefore it is correct and appropriate to use Dispose() method to release objects.

Ken
#36266
Posted: 03/18/2016 17:04:17
by Ken Ivanov (EldoS Corp.)

Hi Charlie,

Let's continue the discussion in our help desk. I've created a ticket for you (#29551).

Ken
#36338
Posted: 03/30/2016 09:55:28
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

Hi Ken,

Sorry I took so long in trying the test application you provided. I can run it, no problem, but what is it that you would like for me to do with this? Is there anything you want me to monitor or report back to you?

Charlie
#36345
Posted: 03/30/2016 15:13:27
by Ken Ivanov (EldoS Corp.)

Hi Charlie,

Yes - first of all, could you please check if the application exposes the same memory problem in your environment? What we are actually trying to do now is identify what exactly in your application is causing the issue, and the first step to do that is running the sample app in your environment.

Ken
#36347
Posted: 03/30/2016 17:38:11
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

Hi Ken,

OK, I ran the application and found no increase in the amount of buffers used. I pointed to a local SSL server here to avoid using your web site. And I also tried increasing the CONNCOUNT to 500. I put a break point at the last statement Console.WriteLine("Finished") and checked the
SBSSLCommon.Unit.SSLMemoryManager().FAllocatedArrays.Count value and it never increases beyond 25.

I also tried increasing the MaxCount to 100, ran it again, and the count never increases beyond 100.

So, there is definitely some difference in the environment. I see one obvious difference. Your test application creates all the clients within separate threads started in the main thread. In my application, I have connection classes that are instantiated for each connection. It is within the connection class that the SSL Clients are created and disposed, but they are created when I call a 'connect' method from the main thread. So, in my application, all SSLClient objects are created directly off of the main thread.

Could this be the difference?

Charlie
#36362
Posted: 03/31/2016 10:45:30
by Ken Ivanov (EldoS Corp.)

Hi Charlie,

Thank you very much for checking.

I don't think that the exact thread where the client object is created makes a difference. The SSL memory manager is designed to handle clients' requests originating from different thread scenarios, so the buffers should be allocated and released similarly in both your and our models.

Regarding your remark on the connection class instances. Do you actually dispose/null'ize those objects when they are not needed any more? It can be that orphan connection objects hang around in memory with all their encapsulated objects without being released due to the consuming code holding some undetected references to them.

If it's not the case, do you think if you could alter the sample a bit to make it match the architecture of your application and expose the issue?

Ken
#36364
Posted: 03/31/2016 10:51:12
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

My connection classes are instantiated when the application starts up and are disposed when the application shuts down. So they are always alive while the application is running, though maybe not connected at all times.

I will try a few scenarios, as you suggested, changing the way the SSL Clients are created and disposed to better match my application's environment.
#36380
Posted: 04/01/2016 10:58:09
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

Hi Ken,

I am uploading a modified version of the test application into the original ticket which I am re-opening. I will leave comments there.

Charlie
Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.

Reply

Statistics

Topic viewed 4667 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!