You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/10/01 17:56:00 UTC

[jira] [Commented] (SSHD-846) ECDH/HDG kex retains KeyPairGenerator

    [ https://issues.apache.org/jira/browse/SSHD-846?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16634397#comment-16634397 ] 

ASF GitHub Bot commented on SSHD-846:
-------------------------------------

GitHub user rovarga opened a pull request:

    https://github.com/apache/mina-sshd/pull/67

    [SSHD-846] Allow KeyPairGenerators to be garbage-collected

    Since we do not use the KeyPairGenerator once we have generated the keypair, make sure we remove our reference so it can be garbage-collected. With Bouncy Castle that translates to around ~34KiB memory savings per session.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/rovarga/mina-sshd dh-keygen

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/mina-sshd/pull/67.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #67
    
----
commit 90e4ebd11295a2164f60bc7a4c4b2fce68e35292
Author: Robert Varga <ro...@...>
Date:   2018-10-01T17:44:09Z

    [SSHD-846] Allow KeyPairGenerators to be garbage-collected

----


> ECDH/HDG kex retains KeyPairGenerator
> -------------------------------------
>
>                 Key: SSHD-846
>                 URL: https://issues.apache.org/jira/browse/SSHD-846
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 1.6.0, 1.7.0, 2.0.0
>            Reporter: Robert Varga
>            Priority: Major
>
> Analysis of a heap dump of running OpenDaylight with 10K concurrent NETCONF sessions over SSH transport shows that around 16% of the heap is used by Bouncy Castle's KeyPairGeneratorSpi$EC and related objects – accounting for ~26% of OpenDaylight's per-session memory overhead.
> These objects are retained by org.apache.sshd.common.kex.ECDH's myKpairGen field, which is never used once a keypair is generated.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)