Hi, 
I have recently started developing using OpenSSL and I am confused/unclear 
about the topic below.
I request your help.
I am running a DTLS server which handles more than 1000 connections. The problem 
I am facing is that every time I close connections and connect again, I see 
some increase in RAM memory utilization.
I wonder whether there is a memory leak from my approach below of calling the 
functions "Initialize_Sever_Context", "create_connexion" and "close_connexion". 
The exact code is too big to create the actual scenario, so I have just outlined the 
steps.
Please let me know if any extra information is required.
I am using OpenSSL version 1.1.1k on Linux.

// connect_info structure, user defined
{
    void* ssl;
    void* bio;
    ....
} array_of_connections

*connect_info = &array_of_connections;

// global
SSL_CTX* server_ctx;

Initialize_Sever_Context()
{
    // server_ctx is global
    server_ctx = SSL_CTX_new(DTLS_server_method());
    X509_VERIFY_PARAM *local_vpm = X509_VERIFY_PARAM_new();
    // setting verify flags, cookie flags and cipher lists etc..
    // ....
    SSL_CTX_set1_param(server_ctx, local_vpm);
    X509_VERIFY_PARAM_free(local_vpm);
}

create_connexion(connect_info)
{
    // server_ctx is global
    ssl = SSL_new(server_ctx);
    bio = BIO_new_dgram(handler, BIO_NOCLOSE); // not sure it is ok to use BIO_CLOSE
    ..
    ..
    SSL_set_bio(ssl, bio, bio);
    connect_info->ssl = ssl;
    connect_info->bio = bio;
}

// pre connection close
handle_closed_connexions()
{
    for (conn = 1; conn < MAX_CONN; conn++)
    {
        close_connexion(connect_info[conn]);
    }
}

// frees the existing closed connections and makes SSL ready to handle new connections
close_connexion(connect_info)
{
    // store prev ssl objects
    SSL *local_ssl = connect_info->ssl;

    // make setup ready for the next connexions
    // and start listening
    create_connexion(connect_info);

    // free the previous closed connections
    // frees the server_ctx also from inside
    SSL_free(local_ssl);
}

Inside SSL_free we have BIO_free_all(s->rbio), BIO_free_all(s->rbio) and 
BIO_CTX_free(s->ctx) and finally OPENSSL_free(s).
As far as I understand, when we do SSL_free, all the members (pointers) inside 
the SSL object are freed. So I expect the application to crash (because "server_ctx" 
is a global pointer which will be set to "s->ctx" through the function SSL_new and 
also freed by SSL_free, and after the free I am not setting server_ctx = NULL and also 
not calling SSL_CTX_new(DTLS_server_method());).
But my application is working fine.
My doubt is: does OpenSSL cache the context details inside SSL somewhere?
Or 
should I set server_context to NULL and allocate memory for every new 
connection which was closed before?

Regards,
Chand
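
A small C model of the ownership question raised above, added here as an illustration and not code from the post or from OpenSSL: in OpenSSL 1.1.1, SSL_new() takes its own reference on the SSL_CTX and SSL_free() releases only that reference through SSL_CTX_free(), so a global context stays valid across connection teardown. The names ctx_t, conn_t, recycle and live_objects are hypothetical stand-ins for SSL_CTX, SSL and the close/recreate step.

```c
/* Added model, not OpenSSL source: hypothetical ctx_t/conn_t stand in for
   SSL_CTX/SSL to show the reference counting described in the lead-in. */
#include <stdio.h>
#include <stdlib.h>

typedef struct { int refs; } ctx_t;        /* stands in for SSL_CTX */
typedef struct { ctx_t *ctx; } conn_t;     /* stands in for SSL */

static int live_objects = 0;               /* outstanding allocations */

static ctx_t *ctx_new(void) {              /* like SSL_CTX_new: starts at 1 ref */
    ctx_t *c = malloc(sizeof *c);
    if (c == NULL) return NULL;
    c->refs = 1; live_objects++;
    return c;
}
static void ctx_free(ctx_t *c) {           /* like SSL_CTX_free: drops one ref */
    if (c == NULL || --c->refs > 0) return;
    free(c); live_objects--;               /* memory released only at zero refs */
}
static conn_t *conn_new(ctx_t *c) {        /* like SSL_new: takes its own ref */
    conn_t *s = malloc(sizeof *s);
    if (s == NULL) return NULL;
    s->ctx = c; c->refs++; live_objects++;
    return s;
}
static void conn_free(conn_t *s) {         /* like SSL_free: releases that ref */
    if (s == NULL) return;
    ctx_free(s->ctx);
    free(s); live_objects--;
}

/* Same order as close_connexion in the post: create the new one, free the old. */
static int recycle(ctx_t *ctx, conn_t **slot, int rounds) {
    for (int i = 0; i < rounds; i++) {
        conn_t *old = *slot;
        *slot = conn_new(ctx);
        if (*slot == NULL) { *slot = old; return -1; }
        conn_free(old);
    }
    return ctx->refs;                      /* caller's ref + one live connection */
}

int main(void) {
    ctx_t *ctx = ctx_new();
    if (ctx == NULL) return 1;
    conn_t *slot = conn_new(ctx);
    printf("refs after 1000 recycles: %d\n", recycle(ctx, &slot, 1000));
    conn_free(slot);
    printf("refs with no connections: %d\n", ctx->refs);
    ctx_free(ctx);                         /* the caller's own reference */
    return live_objects;                   /* 0 when nothing leaked */
}
```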

  
