Comments (4)
AnthonyDeroche
commented on May 20, 2024
Hello,
Thanks for the investigation.
I will have a look on this asap.
Maybe you can downgrade the module version or the libjwt version to check if it still occurs.
from mod_authnz_jwt.
GRRedWings
commented on May 20, 2024
Was there ever any resolution to this? In looking at using this module I'd be fearful of a known memory leak
from mod_authnz_jwt.
AnthonyDeroche
commented on May 20, 2024
I am not able to reproduce the leak with last version of everything :
- Apache 2.4.46
- libjwt 1.12.1
- mod_authnz_jwt 1.2.0
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 1.3 0.0 2384 696 ? Ss 09:50 0:00 /bin/sh -c httpd && sleep 3 && ps aux && ab -q -n 1000000 -c 50 http://localhost/ >/dev/null && ps aux
root 8 0.0 0.0 11832 4152 ? Ss 09:50 0:00 httpd
daemon 10 0.0 0.0 2002932 4200 ? Sl 09:50 0:00 httpd
daemon 11 0.0 0.0 2002932 4176 ? Sl 09:50 0:00 httpd
daemon 12 0.0 0.0 2002932 4192 ? Sl 09:50 0:00 httpd
root 94 0.0 0.0 7636 2740 ? R 09:50 0:00 ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 2384 696 ? Ss 09:50 0:00 /bin/sh -c httpd && sleep 3 && ps aux && ab -q -n 1000000 -c 50 http://localhost/ >/dev/null && ps aux
root 8 0.0 0.0 11832 4152 ? Ss 09:50 0:00 httpd
daemon 10 9.6 0.0 2004084 5580 ? Sl 09:50 0:09 httpd
daemon 11 20.9 0.0 2004028 5268 ? Sl 09:50 0:21 httpd
daemon 12 54.5 0.0 2004028 5404 ? Sl 09:50 0:56 httpd
daemon 96 139 0.0 2004028 5196 ? Sl 09:50 2:17 httpd
root 124 0.0 0.0 7636 2760 ? R 09:52 0:00 ps aux
Dockerfile I used
FROM debian:buster-slim as build
WORKDIR /build
RUN apt-get update && \
apt-get install -y ca-certificates make automake git g++ libtool pkg-config autoconf libssl-dev check libjansson-dev libz-dev procps apache2 apache2-dev
ARG LIBJWT_VERSION=1.12.1
ARG MOD_AUTHNZ_JWT_VERSION=1.2.0
RUN git clone https://github.com/benmcollins/libjwt.git && \
cd libjwt && \
git checkout tags/v$LIBJWT_VERSION && \
autoreconf -i && \
./configure && \
make && \
make install
RUN git clone https://github.com/AnthonyDeroche/mod_authnz_jwt.git && \
cd mod_authnz_jwt && \
git checkout tags/v$MOD_AUTHNZ_JWT_VERSION && \
autoreconf -ivf && \
PKG_CONFIG_PATH=/usr/local ./configure && \
make && \
make install
FROM httpd:2.4
COPY --from=build /usr/local/lib/libjwt.so /usr/lib/x86_64-linux-gnu/libjwt.so.1
COPY --from=build /usr/lib/apache2/modules/mod_authnz_jwt.so /usr/local/apache2/modules/mod_authnz_jwt.so
RUN echo "LoadModule auth_jwt_module modules/mod_authnz_jwt.so" >> /usr/local/apache2/conf/httpd.conf
RUN echo "AuthJWTSignatureAlgorithm HS512\n \
AuthJWTSignatureSharedSecret test\n \
AuthJWTIss test\n \
<Location />\n \
AuthType jwt\n \
AuthName \"test\"\n \
Require valid-user\n \
</Location>\n \
" >>/usr/local/apache2/conf/httpd.conf
RUN apt-get update && apt-get install procps -y
RUN httpd && sleep 3 && ps aux && ab -q -n 1000000 -c 50 http://localhost/ >/dev/null && ps aux
from mod_authnz_jwt.
jbloggz
commented on May 20, 2024
I found a memory leak the the create_token() function (see pull request #55). I doubt this is the same leak, but thought it worth mentioning
from mod_authnz_jwt.
Related Issues (20)
- Pass JWT via URL param, not in the Authorization header HOT 3
- Centos issues with mod_authnz_jwt
- Invalid command 'AuthJWTDeliveryType' HOT 1
- How to implement in docker HOT 3
- Using with Docker HOT 1
- Module accepts any issuer and expiration HOT 3
- Incorrect call to ap_log_rerror()
- AuthJWTProvider ldap with Require ldap-group HOT 1
- Missing Authorization header even though one is set HOT 2
- AH55204: auth_jwt authn: the expected parameter user is missing, aborting authentication HOT 1
- Valid tokens stop being accepted HOT 1
- Just a question about /login HOT 4
- Erreneously complains: Decoding process has failed, token is either malformed or signature is invalid HOT 2
- Windows support? HOT 1
- Installation does not work on OpenSuse Leap 15.2 / 15.3 because of apache module naming glitch
- Supported version of mod_authnz_jwt HOT 2
- How do I forward to another page after login? HOT 1
- Duplicate requests and Index not working HOT 2
- Decoding process has failed, token is either malformed or signature is invalid
- We are able to generate the token but not able to set the required environment variables with data stored in DB. Used AuthJWTProvider dbd technique
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mod_authnz_jwt.