Christian Heimes added the comment:
Yes, I'm currently testing the change with a bunch of OpenSSL and LibreSSL
versions.
By the way the memory issue can be reproduced with any certificate that
contains a CRL distribution point. Letsencrypt certs don't have a CRL DP. I
guess Alexander's test cert doesn't have a CRL DP either. The Nokia test cert
in our test suite contains one.
---
import _ssl
import sys
PEM = 'Lib/test/nokia.pem'
def mem():
with open('/proc/self/status') as f:
for line in f:
if line.startswith('RssAnon'):
print(line, end='')
for i in range(10000):
if i % 1000 == 0:
mem()
d = _ssl._test_decode_cert(PEM)
assert d['crlDistributionPoints']
mem()
---
Without fix:
$ ./python t.py
RssAnon: 4376 kB
RssAnon: 4840 kB
RssAnon: 5224 kB
RssAnon: 5608 kB
RssAnon: 6120 kB
RssAnon: 6504 kB
RssAnon: 6888 kB
RssAnon: 7272 kB
RssAnon: 7656 kB
RssAnon: 8040 kB
RssAnon: 8424 kB
With fix:
$ ./python t.py
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
RssAnon: 4376 kB
----------
_______________________________________
Python tracker <[email protected]>
<http://bugs.python.org/issue29870>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
