| 2020-10-14 20:45:33 |
Unit 193 |
bug |
|
|
added bug |
| 2020-10-14 20:45:33 |
Unit 193 |
attachment added |
|
1001-ssl_error_handling.patch https://bugs.launchpad.net/bugs/1899841/+attachment/5422292/+files/1001-ssl_error_handling.patch |
|
| 2020-10-14 20:48:08 |
Unit 193 |
bug watch added |
|
https://gitlab.xiph.org/xiph/icecast-server/-/issues/2391 |
|
| 2020-10-14 20:48:08 |
Unit 193 |
bug task added |
|
icecast |
|
| 2020-10-14 20:48:56 |
Unit 193 |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969018 |
|
| 2020-10-14 20:48:56 |
Unit 193 |
bug task added |
|
icecast2 (Debian) |
|
| 2020-10-15 00:54:33 |
Unit 193 |
description |
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
~Unit 193 |
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2, darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to switching out TLS backends, but perhaps has been tested more.
~Unit 193 |
|
| 2020-10-15 00:54:55 |
Unit 193 |
attachment added |
|
icecast2.debdiff https://bugs.launchpad.net/debian/+source/icecast2/+bug/1899841/+attachment/5422340/+files/icecast2.debdiff |
|
| 2020-10-15 01:02:35 |
Unit 193 |
bug |
|
|
added subscriber Ubuntu Sponsors Team |
| 2020-10-29 11:12:48 |
Robie Basak |
description |
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2, darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to switching out TLS backends, but perhaps has been tested more.
~Unit 193 |
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected by a memory leak.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2, darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to switching out TLS backends, but perhaps has been tested more.
Code that handles edge case SSL protocol handling is being adjusted.
~Unit 193 |
|
| 2020-10-29 11:13:54 |
Robie Basak |
nominated for series |
|
Ubuntu Focal |
|
| 2020-10-29 11:13:54 |
Robie Basak |
bug task added |
|
icecast2 (Ubuntu Focal) |
|
| 2020-10-29 11:14:02 |
Robie Basak |
icecast2 (Ubuntu): status |
New |
Fix Released |
|
| 2020-10-29 11:14:06 |
Robie Basak |
icecast2 (Ubuntu Focal): status |
New |
In Progress |
|
| 2020-10-29 11:14:19 |
Robie Basak |
icecast2 (Ubuntu Focal): assignee |
|
Unit 193 (unit193) |
|
| 2020-10-29 11:14:25 |
Robie Basak |
removed subscriber Ubuntu Sponsors Team |
|
|
|
| 2020-10-29 11:27:56 |
Robie Basak |
description |
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected by a memory leak.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2, darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to switching out TLS backends, but perhaps has been tested more.
Code that handles edge case SSL protocol handling is being adjusted.
~Unit 193 |
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected by a memory leak.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2, darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https://DOMAIN.TLD:TLS-PORT/STREAM-MOUNT;done
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to switching out TLS backends, but perhaps has been tested more.
Code that handles edge case SSL protocol handling is being adjusted. Any regressions are likely to manifest in this area.
~Unit 193 |
|
| 2020-11-03 21:06:49 |
Brian Murray |
icecast2 (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
| 2020-11-03 21:06:51 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2020-11-03 21:06:52 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
| 2020-11-03 21:06:56 |
Brian Murray |
tags |
|
verification-needed verification-needed-focal |
|
| 2020-11-24 01:41:46 |
Unit 193 |
tags |
verification-needed verification-needed-focal |
verification-done verification-done-focal |
|
| 2020-11-24 17:07:51 |
Launchpad Janitor |
icecast2 (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
| 2020-11-24 17:07:58 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2021-03-01 20:41:10 |
Bug Watch Updater |
icecast2 (Debian): status |
Unknown |
Fix Released |
|
| 2022-05-20 16:11:23 |
Bug Watch Updater |
icecast: status |
Unknown |
New |
|
