Re: memory growing when using SSL connections

Fri, 08 Jan 2010 06:29:33 -0800 

Jeremy,
Thanks for the comments. The ctx stays around for the life of the process, so I never free it unless the process is about to exit. Only the ssl connections are freed and new ones are created. There are multiple ssl connections per ctx. I've actually tried using one ssl connection per ctx and freeing both ssl and ctx after use, but the results didn't change. 

Regards,
David

--------------------------------------------------
From: "Jeremy Hunt" <jere...@optimation.com.au>
Sent: Thursday, January 07, 2010 5:20 PM
To: <openssl-users@openssl.org>
Cc: <danny33...@bellsouth.net>
Subject: Re: memory growing when using SSL connections



Hi David,


Off the top of my head I notice that you do not call this as part of the 
cleanup: SSL_CTX_free()  [ 
http://www.openssl.org/docs/ssl/SSL_CTX_free.html# ]


There is also this: [ http://www.openssl.org/support/faq.html#PROG13 ]

Regards,

Jeremy

David wrote:

*[safeTgram (safetgram-in) receive status: NOT encrypted, NOT signed.]*

Hi,

 I'm using tn3270 sessions running over SSL. I may have up to 124 
sessions activated concurrently, although I plan to get up to 250 
sessions at some point. Whenever the sessions are stopped and restarted, 
I notice intermittently that memory grows in multiples of 4K bytes.
 I'm running on AIX 5.1, 5.2 and 5.3 and using openssl-0.9.8l. There 
doesn't appear to be an obvious memory leak in either my application or 
the OpenSSL stuff (all memory allocated when the sessions are started are 
freed when the sessions are stopped).

Here's a summary of the code structure:
 SSL_library_init();
meth = TLSv1_client_method();
RAND_seed();
ctx = SSL_CTX_new(meth);
 while ([some telnet connection wants to do SSL])
{
    ssl = SSL_new(ctx);
    SSL_set_fd()
    SSL_set_cipher_list();   SSL_set_connect_state();
    SSL_connect();
    do SSL_read(), SSL_write()
    SSL_shutdown();
    close FD;
    SSL_free();
    CRYPTO_cleanup_all_ex_data();
  }
         Any ideas would be appreciated.
Thanks,
David




--


"The most likely way for the world to be destroyed, most experts agree, is 
by accident. That's where we come in; we're computer professionals. We 
cause accidents." -- Nathaniel Borenstein, co-creator of MIME

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org

Automated List Manager                           majord...@openssl.org 


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org























					Reply via email to