Hi David et al,
On reading the responses so far two new thoughts occur to me:
1. In view of Dr Henson's response, I wonder if removing the
CRYPTO_cleanup_all_ex_data() call in your loop will fix the problem.
Perhaps reusing the context structure after calling it may have the
reverse effect.
2. It may not be an SSL problem at all. Can you remove the SSL calls
from your application and see if you still get the memory leak? Your
underlying telnet application may be the cause.
Good Luck,
Jeremy
Dr. Stephen Henson wrote:
[safeTgram (safetgram-in) receive status: NOT encrypted, NOT signed.]
On Thu, Jan 07, 2010, David wrote:
Hi,
I'm using tn3270 sessions running over SSL. I may have up to 124 sessions activated concurrently, although I plan to get up to 250 sessions at some point.
Whenever the sessions are stopped and restarted, I notice intermittently that memory grows in multiples of 4K bytes.
I'm running on AIX 5.1, 5.2 and 5.3 and using openssl-0.9.8l.
There doesn't appear to be an obvious memory leak in either my application or the OpenSSL stuff (all memory allocated when the sessions are started are freed when the sessions are stopped).
Here's a summary of the code structure:
SSL_library_init();
meth = TLSv1_client_method();
RAND_seed();
ctx = SSL_CTX_new(meth);
while ([some telnet connection wants to do SSL])
{
ssl = SSL_new(ctx);
SSL_set_fd()
SSL_set_cipher_list();
SSL_set_connect_state();
SSL_connect();
do SSL_read(), SSL_write()
SSL_shutdown();
close FD;
SSL_free();
CRYPTO_cleanup_all_ex_data();
}
Any ideas would be appreciated.
Thanks,
David
Some cleanups occur on each connection and others only when the application
shuts down.
You should *not* call CRYPTO_cleanup_all_ex_data() on every SSL connection
because later SSL connections may use it and end up not freeing data
correctly.
This is especially an issue if connections use compression (OpenSSL compiled
against zlib) as it is by default in some linux distributions.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents." -- Nathaniel Borenstein, co-creator of MIME
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
