Aiohttp: [Tracking] SSL leak in python versions >= 3.5.3

Created on 11 Apr 2017  路  7Comments  路  Source: aio-libs/aiohttp

This bug is just a marker to let other people know that this is an issue, but not in aiohttp...so if they google for this issue they can find what the real issue is.

Per my research in https://github.com/kennethreitz/requests/issues/3933 I found that the underlying Python SSL sockets are leaking. I logged http://bugs.python.org/issue29870 where they recently found and proposed a patch to fix this leak. I'll close this as soon as they're released new versions of python with the fix.

I'm not sure if it's worthwhile adding a warning to let users know that certain python versions will leak when using SSL sockets.

outdated
Source
picture thehesiod
1

Most helpful comment

will be fixed in 2.7.14, 3.5.4, 3.6.2: https://github.com/python/cpython/pull/526

picture thehesiod on 22 May 2017
👍2

All 7 comments

Damn, huge props @thehesiod for digging into this. I was at the cusp of starting to really dig into the cause of this leak as well, but you just saved me many hours of pulling out my hair!

Do you know if there's a workaround for this issue yet? Thankfully for my use case SSL isn't 100% necessary, but it'd be nice to be able to keep it enabled.

Thanks again!

Fitblip picture Fitblip on 11 Apr 2017

@Fitblip you can use uvloop

fafhrd91 picture fafhrd91 on 11 Apr 2017

i don't think uvloop will help, the issue is with the raw python SSL sockets. Per Christian Heimes + Antoine Pitrou in the python bug, the issue is with crlDistributionPoints in the SSL certificates. So theoretically if you don't have certs that have these it shouldn't leak.

thehesiod picture thehesiod on 11 Apr 2017
1

@fafhrd91 - The leak still seems present even if I use uvloop. When I switch all my aiohttp requests to plain-text HTTP though the leak goes away.

Fitblip picture Fitblip on 11 Apr 2017

I guess uvloop should not use ssl from python

fafhrd91 picture fafhrd91 on 11 Apr 2017

will be fixed in 2.7.14, 3.5.4, 3.6.2: https://github.com/python/cpython/pull/526

thehesiod picture thehesiod on 22 May 2017
👍2

This thread has been automatically locked since there has not been
any recent activity after it was closed. Please open a [new issue] for
related bugs.

If you feel like there's important points made in this discussion,
please include those exceprts into that [new issue].

lock[bot] picture lock[bot] on 28 Oct 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

kr41 picture kr41  路  4Comments
alxpy picture alxpy  路  5Comments
JoseKilo picture JoseKilo  路  3Comments
rckclmbr picture rckclmbr  路  5Comments
AtomsForPeace picture AtomsForPeace  路  5Comments