[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] memory leak: solved
From: |
Daniel Kahn Gillmor |
Subject: |
Re: [Sks-devel] memory leak: solved |
Date: |
Fri, 10 Apr 2015 17:18:54 -0400 |
User-agent: |
Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu) |
On Fri 2015-04-10 03:32:20 -0400, Kiss Gabor (Bitman) wrote:
>> sks 1.1.5+ requires round about 300MB in main memory on key.cccmz.de and
>> key.ip6.li. May be there is a problem, when haproxy is used in tcp mode to
>> proxy port 11370. key.ip6.li did not have problems, but a test system has
>> also
>> memory problems.
>>
>> On key.cccmz.de I replaced haproxy solution by native IPv6 solution and IP
>> NAT
>> for IPv4.
>
> Dear Christian et al.
>
> This morning I did realize that keys.niif.hu is not configured at
> keys.cccmz.de as peer. See
> https://sks-keyservers.net/status/info/key.cccmz.de
> That _can_ be the reason of extreme memory consuming at my side. :-)
I consider this a bug in SKS, if it can overconsume RAM on the basis of
one misbehaving or rejecting peer.
the implication is that a network attacker can force any SKS server into
this state.
Have you filed a bug report about this? Having a clear diagnosis of the
problem (and how to reproduce it?) would be really useful.
--dkg