When you get an SSL_ERROR_SYSCALL, that's when you need to check errno for its value (since errno is set by the system call). This will give you the correct reason why the library is throwing the error that it is.
You say that you aren't getting a memory leak with each ping, but you're getting a steady 200k leak for each call? I'm confused. Never, ever try to set the reference count yourself. It's managed by the library, and if you screw with it you're going to end up at some point with a refcount of -1, which is not the same as 0, so it'll stick around forever. (Unless you're saying that you check the refcount after the SSL_CTX_free and SSL_free, and they are 0 at that time?) -Kyle H On Tue, May 19, 2009 at 2:14 AM, Andy Murphy <an...@tbsmobility.com> wrote: > Hi Kyle, thanks for the response (although I missed it at first). > > I do get a SSL_ERROR_SYSCALL although a subsequent call to ERR_error_string > gives me nothing. I'm now not sure that I'm on the correct track though as > I'll explain. > > * We use OpenSSL to secure a "ping" from a mobile device to a server so that > we can then receive data later. > > * We are seeing what we thought was a memory leak with each ping, although > checking with Entrek CodeSnitch shows that we are getting a leak of 2.6MB > whether we send a ping, once, ten or a hundred times. I believe that this is > linked to the SSL_library_init method (which we only call once per > application) and the fact that we don't call EVP_cleanup. > > * Both the SSL_CTX and SSL objects are cleared after each use using > SSL_CTX_free and SSL_free and both of their reference counts are set to 0 > after the freeing. > > * We get a steady 200k "leak" for each call. I read somewhere that OpenSSL > keeps an internal cache and am wondering if this could be the cause. > > A bit more history is that as always the original developer has long flown > the nest so I'm learning the library here. > > Thanks for any help you can give. > > Andy > > >> -----Original Message----- >> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- >> us...@openssl.org] On Behalf Of Kyle Hamilton >> Sent: 14 May 2009 18:10 >> To: openssl-users@openssl.org >> Subject: Re: SSL_shutdown never returns 1 >> >> If you expect no more data from the client, you can simply destroy the >> SSL context at the point you first call it (even if it returns 0). It >> will only return 1 if it has received the peer's close_notify, and >> it's possible that those peers failed to send it. (Do you get an >> SSL_ERROR_SYSCALL with EINVAL or EPIPE?) >> >> -Kyle H >> >> On Thu, May 14, 2009 at 7:31 AM, Andy Murphy <an...@tbsmobility.com> >> wrote: >> > Hi, we are trying to track down a memory leak that occurs when we run >> secure >> > comms using the OpenSSL library. Now we’ve had this before where we >> thought >> > it was the library but I tracked it down to us not using the word >> virtual on >> > our base class’ destructor, so I’m not about to start blaming OpenSSL >> again >> > J. >> > >> > >> > >> > I have however seen from some other threads that if SSL_shutdown does >> not >> > return 1 then there could be a leak. Our logs show that two attempts >> to >> > call SSL_shutdown do not result in 1 coming back and I’ve just tried >> it in a >> > never-ending while loop and well, it never ended, suggesting that we >> are >> > doing something wrong. >> > >> > >> > >> > Do we know what SSL_shutdown depends on in order to be able to >> shutdown >> > correctly and thus free the memory used for the connection? >> > >> > >> > >> > Cheers >> > >> > >> > >> > Andrew Murphy >> > >> > Senior Software Developer >> > >> > Ironstone House, Kedleston Close, Belper, >> > >> > Derbyshire, England DE56 1TZ >> > >> > Office Reception: +44 1773 596900 >> > Fax: +44 1773 596901 >> > >> > Skype: andyleemurphy >> > Web: www.tbsmobility.com >> > Email: andrew.mur...@tbsmobility.com >> > >> > >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
