根据示例here和此处的here,我设置了使用TLS和自定义证书的服务器和客户端。 使用pprof随时间推移分析内存使用情况表明,每次TLS客户端连接时,分配数量都会增加。查看日志,其中确实有很多条目:
# 0x5827cb math/big.nat.make+0x93b /usr/local/go/src/math/big/nat.go:68
# 0x58267e math/big.nat.mul+0x7ee /usr/local/go/src/math/big/nat.go:428
# 0x5780b8 math/big.(*Int).Mul+0x118 /usr/local/go/src/math/big/int.go:168
# 0x72d57b crypto/elliptic.(*CurveParams).addJacobian+0xf5b /usr/local/go/src/crypto/elliptic/elliptic.go:145
# 0x72ebe2 crypto/elliptic.(*CurveParams).ScalarMult+0x1c2 /usr/local/go/src/crypto/elliptic/elliptic.go:260
# 0x7c5934 crypto/tls.(*nistParameters).SharedKey+0xd4 /usr/local/go/src/crypto/tls/key_schedule.go:171
# 0x7c3d09 crypto/tls.(*ecdheKeyAgreement).processServerKeyExchange+0x1d9 /usr/local/go/src/crypto/tls/key_agreement.go:266
# 0x7a43e1 crypto/tls.(*clientHandshakeState).doFullHandshake+0x471 /usr/local/go/src/crypto/tls/handshake_client.go:503
# 0x7a3b9a crypto/tls.(*clientHandshakeState).handshake+0x3fa /usr/local/go/src/crypto/tls/handshake_client.go:399
# 0x7a21ec crypto/tls.(*Conn).clientHandshake+0x2cc /usr/local/go/src/crypto/tls/handshake_client.go:208
# 0x7a07fe crypto/tls.(*Conn).Handshake+0xee /usr/local/go/src/crypto/tls/conn.go:1343
# 0x7ca570 crypto/tls.DialWithDialer+0x220 /usr/local/go/src/crypto/tls/tls.go:156
# 0x8f2578 crypto/tls.Dial+0x1a8 /usr/local/go/src/crypto/tls/tls.go:180
# 0x8f2518 main.(*TCPSSLClient).Open+0x148 /home/audinate/vcx/tcpSslClient.go:39
还有这些:
# 0x58364a math/big.nat.make+0x2ca /usr/local/go/src/math/big/nat.go:68
# 0x583507 math/big.nat.sqr+0x187 /usr/local/go/src/math/big/nat.go:570
# 0x578015 math/big.(*Int).Mul+0x75 /usr/local/go/src/math/big/int.go:164
# 0x72e0e0 crypto/elliptic.(*CurveParams).doubleJacobian+0xe0 /usr/local/go/src/crypto/elliptic/elliptic.go:197
# 0x72eb7c crypto/elliptic.(*CurveParams).ScalarMult+0x15c /usr/local/go/src/crypto/elliptic/elliptic.go:258
# 0x7c5934 crypto/tls.(*nistParameters).SharedKey+0xd4 /usr/local/go/src/crypto/tls/key_schedule.go:171
# 0x7c3d09 crypto/tls.(*ecdheKeyAgreement).processServerKeyExchange+0x1d9 /usr/local/go/src/crypto/tls/key_agreement.go:266
# 0x7a43e1 crypto/tls.(*clientHandshakeState).doFullHandshake+0x471 /usr/local/go/src/crypto/tls/handshake_client.go:503
# 0x7a3b9a crypto/tls.(*clientHandshakeState).handshake+0x3fa /usr/local/go/src/crypto/tls/handshake_client.go:399
# 0x7a21ec crypto/tls.(*Conn).clientHandshake+0x2cc /usr/local/go/src/crypto/tls/handshake_client.go:208
# 0x7a07fe crypto/tls.(*Conn).Handshake+0xee /usr/local/go/src/crypto/tls/conn.go:1343
# 0x7ca570 crypto/tls.DialWithDialer+0x220 /usr/local/go/src/crypto/tls/tls.go:156
# 0x8f2578 crypto/tls.Dial+0x1a8 /usr/local/go/src/crypto/tls/tls.go:180
# 0x8f2518 main.(*TCPSSLClient).Open+0x148 /home/audinate/vcx/tcpSslClient.go:39
使用 go工具pprof http://localhost:6060/debug/pprof/allocs 和 top 表示其高度计数。
Type: alloc_space
Time: Jul 19, 2019 at 3:03pm (CEST)
Entering interactive mode (type "help" for commands, "o" for options)
(pprof) top
Showing nodes accounting for 124.23MB, 96.13% of 129.23MB total
Dropped 34 nodes (cum <= 0.65MB)
Showing top 10 nodes out of 78
flat flat% sum% cum cum%
110.03MB 85.14% 85.14% 110.03MB 85.14% math/big.nat.make
3.53MB 2.73% 87.87% 6.47MB 5.00% compress/flate.NewWriter
2MB 1.55% 89.41% 2MB 1.55% math/big.basicSqr
1.80MB 1.39% 90.81% 2.94MB 2.28% compress/flate.(*compressor).init
1.50MB 1.16% 91.97% 1.50MB 1.16% encoding/pem.removeWhitespace
1.50MB 1.16% 93.13% 61.51MB 47.60% crypto/elliptic.(*CurveParams).doubleJacobian
1.14MB 0.88% 94.01% 1.14MB 0.88% compress/flate.newDeflateFast
1MB 0.77% 94.79% 1MB 0.77% reflect.unsafe_NewArray
1MB 0.77% 95.56% 1MB 0.77% reflect.(*structType).Field
0.73MB 0.57% 96.13% 0.73MB 0.57% main.NewConmon
(pprof)
我在客户端的代码非常简单:(不显示重新连接的计时器。)
.......
config := &tls.Config{Certificates: certificates, RootCAs: cas, SessionTicketsDisabled: true}
conn, err := tls.Dial("tcp", addr, config)
if err != nil {
...
return
}
....
conn.Close()
....