Message291512
Yes, I'm currently testing the change with a bunch of OpenSSL and LibreSSL versions.
By the way the memory issue can be reproduced with any certificate that contains a CRL distribution point. Letsencrypt certs don't have a CRL DP. I guess Alexander's test cert doesn't have a CRL DP either. The Nokia test cert in our test suite contains one.
---
import _ssl
import sys
PEM = 'Lib/test/nokia.pem'
def mem():
with open('/proc/self/status') as f:
for line in f:
if line.startswith('RssAnon'):
print(line, end='')
for i in range(10000):
if i % 1000 == 0:
mem()
d = _ssl._test_decode_cert(PEM)
assert d['crlDistributionPoints']
mem()
---
Without fix:
$ ./python t.py
RssAnon: 4376 kB
RssAnon: 4840 kB
RssAnon: 5224 kB
RssAnon: 5608 kB
RssAnon: 6120 kB
RssAnon: 6504 kB
RssAnon: 6888 kB
RssAnon: 7272 kB
RssAnon: 7656 kB
RssAnon: 8040 kB
RssAnon: 8424 kB
With fix:
$ ./python t.py
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB |
|
| Date |
User |
Action |
Args |
| 2017-04-11 19:15:21 | christian.heimes | set | recipients:
+ christian.heimes, pitrou, Lukasa, thehesiod |
| 2017-04-11 19:15:21 | christian.heimes | set | messageid: <1491938121.41.0.915803184953.issue29870@psf.upfronthosting.co.za> |
| 2017-04-11 19:15:21 | christian.heimes | link | issue29870 messages |
| 2017-04-11 19:15:21 | christian.heimes | create | |
|
➜
