This repository has been archived by the owner on Jan 23, 2023. It is now read-only.
[release/3.1] release existingTrust
to avoid native memory leak in ssl handshake on macOS
#42985
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is port of dotnet/runtime#41657 to fix dotnet/runtime#34080
Summary
There is memory leak inside of AppleCryptoNative_SslIsHostnameMatch() function which is used to verify peer's name in every client TLS handshake on macOS. There is no workaround and if running long enough, .NET will consume all available memory and crash. The
SecTrustRef
is internal structure and holds additional objects - like URL of OCSP or CRL responder so leaked memory is bigger than small.Customer Impact
We have worked with a major customer who has been hitting this leak in an app that they intend to widely deploy within their organization (10K”s of deployments). They are encountering this leak and it is blocking their deployment. They have attempted to work around it by restarting the app when their memory consumption reaches a threshold but this workaround is not sustainable for them at scale so they are seeking a fix backported to 3.1 LTS.
Regression?
no.
Testing
the fix was verified with Apple's development tools e.g.
leaks
utilityRisk
low. This releases structure we obtained via
SSLCopyPeerTrust
and it does not change any flow.cc: @danmosemsft