You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Run the kill -hup {pid} command for the proftpd process repeatedly. As a result, the RSS of the process increases. Memory leakage may occur.
After analysis, I think that during the reload process, a new tls_ticket_key is generated each time, and mlock is performed, which causes the RSS of the process to increase continuously. It is necessary to save the tls_ticket_key, but does it need to be regenerated for each reload?
What I Expected/Wanted
The reload process is running, but the memory usage of the process does not increase.
It is necessary to save the tls_ticket_key, but does it need to be regenerated for each reload?
Generating a new key for encrypting TLS tickets, on each reload, helps ensure that these keys are unique across ProFTPD installations and hosts, and are not constant over long periods of time.
I'll look into checking whether mlock(2) is needed during a restart (for it is needed on process startup).
Note that the mod_tls module used to properly scrub the in-memory mlock(2)'d keys from memory, prior to #353. See Bug#4260 for the reasons why that behavior was changed.
What I Did
Run the kill -hup {pid} command for the proftpd process repeatedly. As a result, the RSS of the process increases. Memory leakage may occur.
After analysis, I think that during the reload process, a new tls_ticket_key is generated each time, and mlock is performed, which causes the RSS of the process to increase continuously. It is necessary to save the tls_ticket_key, but does it need to be regenerated for each reload?
What I Expected/Wanted
The reload process is running, but the memory usage of the process does not increase.
ProFTPD Version and Configuration
The text was updated successfully, but these errors were encountered: