Browse code
Bug 2135415 - Fix memleak in pyOpenSSL
This change is to patch the memleak we have with pyOpenSSL in crypto.py.
Change-Id: I95dca52ca163faf6566af9258a5989a9a2cf9606
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5262
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Dweep Advani <dadvani@vmware.com>
Reviewed-by: Sharath George
Tapas Kundu authored on 2018/06/14 21:42:07Showing 2 changed files
| 1 | 1 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,21 @@ |
| 0 |
+--- a/src/OpenSSL/crypto.py 2016-10-15 18:26:14.000000000 +0530 |
|
| 1 |
+@@ -1567,6 +1567,8 @@ |
|
| 2 |
+ def _init(self): |
|
| 3 |
+ """ |
|
| 4 |
+ Set up the store context for a subsequent verification operation. |
|
| 5 |
++ Calling this method more than once without first calling |
|
| 6 |
++ :meth:`_cleanup` will leak memory. |
|
| 7 |
+ """ |
|
| 8 |
+ ret = _lib.X509_STORE_CTX_init( |
|
| 9 |
+ self._store_ctx, self._store._store, self._cert._x509, _ffi.NULL |
|
| 10 |
+@@ -1627,6 +1629,9 @@ |
|
| 11 |
+ """ |
|
| 12 |
+ # Always re-initialize the store context in case |
|
| 13 |
+ # :meth:`verify_certificate` is called multiple times. |
|
| 14 |
++ # :meth:`_init` is called in :meth:`__init__` so _cleanup is called |
|
| 15 |
++ # before _init to ensure memory is not leaked. |
|
| 16 |
++ self._cleanup() |
|
| 17 |
+ self._init() |
|
| 18 |
+ ret = _lib.X509_verify_cert(self._store_ctx) |
|
| 19 |
+ self._cleanup() |
| ... | ... |
@@ -3,7 +3,7 @@ |
| 3 | 3 |
Summary: Python wrapper module around the OpenSSL library |
| 4 | 4 |
Name: python-pyOpenSSL |
| 5 | 5 |
Version: 16.2.0 |
| 6 |
-Release: 2%{?dist}
|
|
| 6 |
+Release: 3%{?dist}
|
|
| 7 | 7 |
Url: https://github.com/pyca/pyopenssl |
| 8 | 8 |
License: ASL 2.0 |
| 9 | 9 |
Group: Development/Languages/Python |
| ... | ... |
@@ -11,6 +11,7 @@ Vendor: VMware, Inc. |
| 11 | 11 |
Distribution: Photon |
| 12 | 12 |
Source0: pyopenssl-%{version}.tar.gz
|
| 13 | 13 |
%define sha1 pyopenssl=fdcaa88c9cf814b35cb9e1f6065adca6110cedcc |
| 14 |
+Patch0: X509StoreContext_mem_leak.patch |
|
| 14 | 15 |
BuildRequires: python2 |
| 15 | 16 |
BuildRequires: python2-libs |
| 16 | 17 |
BuildRequires: python2-devel |
| ... | ... |
@@ -41,6 +42,7 @@ Python 3 version. |
| 41 | 41 |
|
| 42 | 42 |
%prep |
| 43 | 43 |
%setup -q -n pyopenssl-%{version}
|
| 44 |
+%patch0 -p1 |
|
| 44 | 45 |
|
| 45 | 46 |
%build |
| 46 | 47 |
python setup.py build |
| ... | ... |
@@ -63,6 +65,8 @@ python3 setup.py test |
| 63 | 63 |
%{python3_sitelib}/*
|
| 64 | 64 |
|
| 65 | 65 |
%changelog |
| 66 |
+* Wed Jun 13 2018 Tapas Kundu <tkundu@vmware.com> 16.2.0-3 |
|
| 67 |
+- Patch for memleak on class X509StoreContext. |
|
| 66 | 68 |
* Tue Feb 21 2017 Xiaolin Li <xiaolinl@vmware.com> 16.2.0-2 |
| 67 | 69 |
- Add Requires for python-enum and python-ipaddress |
| 68 | 70 |
* Tue Feb 14 2017 Xiaolin Li <xiaolinl@vmware.com> 16.2.0-1 |