Kevin,
Valgrind apparently is a Linux based tool, but I'm having this problem on
AIX. I actually have a simple memory leak finder that showed that SSL did
not have an obvious memory leak. It looks like most, if not all memory
management functions for SSL goes thru CRYPTO_malloc(), CRYPTO_realloc() and
CRYPTO_free() and their variants. I found a couple of calloc()s elsewhere,
but it looks like everything else got covered in these functions.
So pretty much, when memory is allocated (or reallocated) I put it on a
linked list. When it is freed, I remove it from the list. After all my
sessions have stopped, I see that my linked list hasn't grown from the
previous run.
I'm a bit suspicious about the realloc()s, since this is can be a source of
memory fragmentation. However, what is curious is that I don't see this
problem on Solaris.
IBM has a product called PURIFYPLUS for detecting memory leaks. Perhaps I'll
see if I can run it with the application and see if it shows up anything.
Thanks,
David
--------------------------------------------------
From: "Kevin Regan" <k.re...@f5.com>
Sent: Monday, January 11, 2010 3:19 PM
To: <openssl-users@openssl.org>
Subject: RE: memory growing when using SSL connections
I had a similar issue that was fixed by moving the
CRYPTO_cleanup_all_ex_data command to the end of the application (as has
been suggested). Have you tried running Valgrind with the application?
This may tell you where the memory leak is occurring.
--Kevin
p.s. You will need to compile OpenSSL with the -DPURIFY option (and you
may need to grab a recent patch that I mailed to openssl-dev to
get -DPURIFY working properly).
--Kevin
-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of David
Sent: Monday, January 11, 2010 11:48 AM
To: openssl-users@openssl.org
Subject: Re: memory growing when using SSL connections
Hi Jeremy,
I did try removing the CRYPTO_cleanup_all_ex_data() call, based on Dr.
Henson's response, but I still have the same problem.
I bypassed the SSL calls and used pure telnet to my server and there
were no signs of the application growing.
Incidentally, I don't see this problem when running on a Solaris box.
Perhaps, it has something to do with the AIX environment.
Regards,
David
--------------------------------------------------
From: "Jeremy Hunt" <jere...@optimation.com.au>
Sent: Sunday, January 10, 2010 6:56 PM
To: <openssl-users@openssl.org>
Subject: Re: memory growing when using SSL connections
Hi David et al,
On reading the responses so far two new thoughts occur to me:
1. In view of Dr Henson's response, I wonder if removing the
CRYPTO_cleanup_all_ex_data() call in your loop will fix the problem.
Perhaps reusing the context structure after calling it may have the
reverse effect.
2. It may not be an SSL problem at all. Can you remove the SSL calls from
your application and see if you still get the memory leak? Your
underlying
telnet application may be the cause.
Good Luck,
Jeremy
Dr. Stephen Henson wrote:
[safeTgram (safetgram-in) receive status: NOT encrypted, NOT signed.]
On Thu, Jan 07, 2010, David wrote:
Hi,
I'm using tn3270 sessions running over SSL. I may have up to 124
sessions activated concurrently, although I plan to get up to 250
sessions at some point.
Whenever the sessions are stopped and restarted, I notice
intermittently
that memory grows in multiples of 4K bytes.
I'm running on AIX 5.1, 5.2 and 5.3 and using openssl-0.9.8l. There
doesn't appear to be an obvious memory leak in either my application or
the OpenSSL stuff (all memory allocated when the sessions are started
are freed when the sessions are stopped).
Here's a summary of the code structure:
SSL_library_init();
meth = TLSv1_client_method();
RAND_seed();
ctx = SSL_CTX_new(meth);
while ([some telnet connection wants to do SSL])
{
ssl = SSL_new(ctx);
SSL_set_fd()
SSL_set_cipher_list(); SSL_set_connect_state();
SSL_connect();
do SSL_read(), SSL_write()
SSL_shutdown();
close FD;
SSL_free();
CRYPTO_cleanup_all_ex_data();
}
Any ideas would be appreciated. Thanks,
David
Some cleanups occur on each connection and others only when the
application
shuts down.
You should *not* call CRYPTO_cleanup_all_ex_data() on every SSL
connection
because later SSL connections may use it and end up not freeing data
correctly.
This is especially an issue if connections use compression (OpenSSL
compiled
against zlib) as it is by default in some linux distributions.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
"The most likely way for the world to be destroyed, most experts agree,
is
by accident. That's where we come in; we're computer professionals. We
cause accidents." -- Nathaniel Borenstein, co-creator of MIME
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
