Memory leaks are observed for libgnutls in multi-thread mode

tangtong tang__tong at hotmail.com
Thu Oct 22 06:46:02 CEST 2009 

Hi,Nikos
I have rebuilt the lib with your patch, do the following tests: 

1)Setting the client working with tls1.0, and run the testing with high TPS, the memory leaks are not observed anymore. 



2)The patch doesn't support
"NONE:+VERS-TLS1.2:+AES-256-CBC:+RSA:+SHA256:+COMP-NULL", I think your
patch disable the tls1.2 support, it will core with the following dump
info:
 fe9a2bb8 _gcry_md_copy (ffbff33c, 0, 0, febc6ed0, 14f8, fed3805c) + 4
 feca8dfc _gnutls_hash_copy (ffbff338, 365c4, 0, 0, 0, 0) + 80
 fec9e0fc _gnutls_finished (36180, 2, ffbff440, 1, 6, 0) + 84
 fec9edc0 _gnutls_send_handshake_final (0, 0, 0, e, e, 4) + 128
 feca2548 _gnutls_handshake_common (36180, 0, 10, 4, ffffffe0, ffbff551) + 30
 feca382c gnutls_handshake (0, 4, 32fc8, 8e8, 17ac, ffbff5c4) + 60
 000119bc main     (1, ffbffa54, ffbffa5c, 22508, 0, 0) + 118
 000112c8 _start   (0, 0, 0, 0, 0, 0) + 5c

The
memory leak issues have been resolved, Thanks very much!Would you
please do me a favor to provide a patch wich support TLS1.2/SHA256? My
pilot project needs it .

BTW, Is there any plan for the stable release of gnutls which support TLS1.2/SHA256?

Regards
Tony


> Date: Thu, 22 Oct 2009 00:38:14 +0300
> From: nmav at gnutls.org
> To: tang__tong at hotmail.com
> CC: simon at josefsson.org; help-gnutls at gnu.org
> Subject: Re: Memory leaks are observed for libgnutls in multi-thread mode
> 
> tangtong wrote:
> > Hi,Nikos
> > After applying the patch, I get the following error during handshake:
> > error number:-18 dec:An error was encountered at the TLS Finished packet calculation.
> > 
> > My lib is based on git 2.9.4.
> 
> There is some issue with TLS1.2 hashes and handshake. Anyway the
> attached patch should fix the issue you encounter.
> 
> The issue with TLS1.2 is that when a client that supports TLS1.2 tries
> to connect to a server that doesn't support tls1.2 he will have SHA256
> initiated instead of SHA1. I made a quick and dirty fix for it.
> 
> regards,
> Nikos
 		 	   		  
_________________________________________________________________
心跳斗地主新版体验,给你360度的心跳体验!
http://club.msn.cn/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20091022/365f1c50/attachment.htm>

More information about the Gnutls-help mailing list