1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto: track external memory for SSL structures

Browse Source 
Ensure that GC kicks in at the right times and the RSS does not blow up.

Fix: https://github.com/iojs/io.js/issues/1522
PR-URL: https://github.com/iojs/io.js/pull/1529
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
This commit is contained in:
Fedor Indutny 2015-04-26 14:27:46 +02:00
parent 2d241b3b82
commit e6874dd0f9
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/node_crypto.cc
View File

@ -1878,6 +1878,7 @@ void SSLWrap<Base>::DestroySSL() {
return; return;
SSL_free(ssl_); SSL_free(ssl_);
env_->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
ssl_ = nullptr; ssl_ = nullptr;
} }

10
src/node_crypto.h
View File

@ -64,6 +64,7 @@ class SecureContext : public BaseObject {
static const int kMaxSessionSize = 10 * 1024; static const int kMaxSessionSize = 10 * 1024;
protected: protected:
static const int64_t kExternalSize = sizeof(SSL_CTX);
static void New(const v8::FunctionCallbackInfo<v8::Value>& args); static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Init(const v8::FunctionCallbackInfo<v8::Value>& args); static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
@ -97,10 +98,12 @@ class SecureContext : public BaseObject {
cert_(nullptr), cert_(nullptr),
issuer_(nullptr) { issuer_(nullptr) {
MakeWeak<SecureContext>(this); MakeWeak<SecureContext>(this);
env->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
} }
void FreeCTXMem() { void FreeCTXMem() {
if (ctx_) { if (ctx_) {
env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
if (ctx_->cert_store == root_cert_store) { if (ctx_->cert_store == root_cert_store) {
// SSL_CTX_free() will attempt to free the cert_store as well. // SSL_CTX_free() will attempt to free the cert_store as well.
// Since we want our root_cert_store to stay around forever // Since we want our root_cert_store to stay around forever
@ -140,6 +143,7 @@ class SSLWrap {
session_callbacks_(false), session_callbacks_(false),
new_session_wait_(false) { new_session_wait_(false) {
ssl_ = SSL_new(sc->ctx_); ssl_ = SSL_new(sc->ctx_);
env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
CHECK_NE(ssl_, nullptr); CHECK_NE(ssl_, nullptr);
} }
@ -166,6 +170,12 @@ class SSLWrap {
inline bool is_waiting_new_session() const { return new_session_wait_; } inline bool is_waiting_new_session() const { return new_session_wait_; }
protected: protected:
// Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
// some for buffers.
// NOTE: Actually it is much more than this
static const int64_t kExternalSize =
sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024;
static void InitNPN(SecureContext* sc); static void InitNPN(SecureContext* sc);
static void AddMethods(Environment* env, v8::Handle<v8::FunctionTemplate> t); static void AddMethods(Environment* env, v8::Handle<v8::FunctionTemplate> t);