The cryptography version of message verification leaks memory

[jeremycline]

It appears that the cryptography+pyOpenSSL version of the message verification leaks memory in conjunction with the consumer model of subscribing to messages. To reproduce:

from fedmsg.consumers import FedmsgConsumer


class Consumer(FedmsgConsumer):

    validate_signatures = True
    config_key = 'demo_consumer'

    def consume(self, message):
        print(message)

And then make a setup.py and package for the entry point:

from setuptools import setup, find_packages

setup(
    name='demo',
    version='0.1.0',
    license='GPLv2+',
    packages=find_packages(),
    install_requires=['fedmsg'],
    entry_points={
        'moksha.consumer': (
            'demo_consumer = demo:Consumer',
        ),
    }
)

Start fedmsg-hub (configured to start that consumer) and watch the memory slowly grow. You'll also need to install cryptography and pyOpenSSL.

[jeremycline]

This ended up being two separate memory leaks in pyOpenSSL. I've submitted pyca/pyopenssl#690 and pyca/pyopenssl#691 and once issues are fixed upstream I'll see about getting them into F25+ packages.

[abompard]

👍