Thank you all for your help. My problem did end up being my misunderstanding of the reference counting done by OpenSSL I was expecting that my X509*'s would get freed when I freed my SSL_CTX but that was an incorrect expectation because I still had a reference to those X509*'s in a vector.
This conversation also helped me find some other places where I wasn't properly freeing reference counted OpenSSL structures. Thanks for the help! Charles A. Barbe Senior Software Engineer Allworx, a Windstream company 245 East Main St | Rochester NY | 14604 charles.ba...@allworx.com | 585.421.5565 ________________________________________ From: owner-openssl-us...@openssl.org [owner-openssl-us...@openssl.org] on behalf of Dr. Stephen Henson [st...@openssl.org] Sent: Friday, November 21, 2014 1:40 PM To: openssl-users@openssl.org Subject: Re: Small memory leak on multithreaded server On Fri, Nov 21, 2014, Barbe, Charles wrote: > Yes... sorry, forgot to include this part of my shutdown sequence. One thing > I am noticing is that I do not call X409_free on my certs. I even have a > comment in my code saying that I am not freeing them because I think they > will be freed when the SSL_CTX is freed. Is that a correct assumption or > should I be calling X509 free on them explicitly? > If you have an explicit X509 structure and you call SSL_CTX_use_certificate then the reference count is increased and you have to free up the certificate. However I'm a bit confused by the output. It *looks* like it is associated with a certificate verification operation which could be cached certificates in a store. Do you perform any operations with an X509_STORE structure? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
