[asterisk-bugs] [JIRA] (ASTERISK-29274) Possible Memory Leak in PJSIP TLS Transport

Troy Bowman (JIRA) noreply at issues.asterisk.org
Tue Feb 2 20:43:59 CST 2021 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-29274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=253694#comment-253694 ] 

Troy Bowman commented on ASTERISK-29274:
----------------------------------------

Things are looking good so far.  I turned on TLS for only two endpoints and watched memory usage closely. It grew only negligibly and did not increase over time as it did before.  I am doing this in production, so I am being careful not to risk it.  I ran into a different issue today, so I plan to turn on TLS for all devices the day after tomorrow to isolate the other issue first.

I have come to believe that ASTERISK-28564 may have been caused by pjproject's bug #87363, too.


> Possible Memory Leak in PJSIP TLS Transport
> -------------------------------------------
>
>                 Key: ASTERISK-29274
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29274
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: pjproject/pjsip
>    Affects Versions: 16.8.0
>         Environment: Asterisk 16.8-cert5 using pjproject-2.9 on Gentoo on QEMU KVM
>            Reporter: Troy Bowman
>            Assignee: Troy Bowman
>            Severity: Major
>
> Last Saturday morning, I enabled the TLS transport in my PJSIP configuration and turned on SIPS for our Polycom phones and our provider trunks. I wanted to test TLS while we have a lower weekend call volume. 
>  Things worked well, aside from some non-fatal errors. However, I am concerned that memory usage gradually increases with this change.
> Please see my community post for graphs and the steps I took to find out what was filling up memory unnecessarily:
> https://community.asterisk.org/t/pjsip-tls-transport-memory-leak/87363
> I have since disabled TLS on all of my Polycom phones and trunks, and it is behaving normally as it did before.  TLS is the only difference in this change, so I am pretty sure there is an issue with the storage of client certificates and CA certificates.
> I can provide one of the 128M memory page dumps by other means if it is desired.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list