Re: memory growing when using SSL connections

Fri, 08 Jan 2010 09:01:06 -0800 

Thanks. Are there any others which are mentioned under
http://www.openssl.org/support/faq.html#PROG13 which I should be wary of for similar reasons? 

David

--------------------------------------------------
From: "Dr. Stephen Henson" <st...@openssl.org>
Sent: Friday, January 08, 2010 10:55 AM
To: <openssl-users@openssl.org>
Subject: Re: memory growing when using SSL connections


On Thu, Jan 07, 2010, David wrote:


Hi,


I'm using tn3270 sessions running over SSL. I may have up to 124 sessions 
activated concurrently, although I plan to get up to 250 sessions at some 
point.



Whenever the sessions are stopped and restarted, I notice intermittently 
that memory grows in multiples of 4K bytes.


I'm running on AIX 5.1, 5.2 and 5.3 and using openssl-0.9.8l.

There doesn't appear to be an obvious memory leak in either my 
application or the OpenSSL stuff (all memory allocated when the sessions 
are started are freed when the sessions are stopped).

Here's a summary of the code structure:

SSL_library_init();
meth = TLSv1_client_method();
RAND_seed();
ctx = SSL_CTX_new(meth);

while ([some telnet connection wants to do SSL])
{
    ssl = SSL_new(ctx);
    SSL_set_fd()
    SSL_set_cipher_list();
    SSL_set_connect_state();
    SSL_connect();
    do SSL_read(), SSL_write()
    SSL_shutdown();
    close FD;
    SSL_free();
    CRYPTO_cleanup_all_ex_data();
  }

Any ideas would be appreciated.
Thanks,
David



Some cleanups occur on each connection and others only when the 
application

shuts down.

You should *not* call CRYPTO_cleanup_all_ex_data() on every SSL connection
because later SSL connections may use it and end up not freeing data
correctly.


This is especially an issue if connections use compression (OpenSSL 
compiled

against zlib) as it is by default in some linux distributions.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org

Automated List Manager                           majord...@openssl.org 


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org






















					Reply via email to