Any chance of running your server under valgrind or similar?
This should make the leaks more concrete.
Pauli
On 10/4/22 6:07 pm, Ram Chandra via openssl-users wrote:
Hi,
I have recently started developing using OpenSSL and I am
confused/unclear about the below topic.
Request you to help me.
I am running a DTLS Server which handles more than 1000 connections.
The problem I am facing is that every time I close connections and
connect again, I see that RAM memory utilization increases.
I wonder whether there is a leak in memory from my below approach of
calling functions
"Initialize_Sever_Context" ,
"create_connexion" and
"close_connexion".
The exact code is too big to create the actual scenario, so I just
outlined the steps.
Please let me know if any extra information is required.
I am using OpenSSL version 1.1.1k on Linux.
//connect_info structure user defined
{
    void* ssl;
    void* bio;
    ....
}array_of_connections
*connect_info = &array_of_connections;

// global
SSL_CTX* server_ctx;

Initialize_Sever_Context()
{
    // server_ctx is global
    server_ctx = SSL_CTX_new(DTLS_server_method());
    X509_VERIFY_PARAM *local_vpm = X509_VERIFY_PARAM_new();
    //setting verify flags, cookie flags and cipher lists etc..
    //....
    SSL_CTX_set1_param(server_ctx, local_vpm);
    X509_VERIFY_PARAM_free(local_vpm);
}

create_connexion(connect_info)
{
    // server_ctx is global
    ssl = SSL_new(server_ctx);
    bio = BIO_new_dgram(handler, BIO_NOCLOSE); //not sure it is ok to use BIO_CLOSE
    ..
    ..
    SSL_set_bio(ssl, bio, bio);
    connect_info->ssl = ssl;
    connect_info->bio = bio;
}

//pre connection close
handle_closed_connexions()
{
    for(conn = 1; conn<MAX_CONN;conn++)
    {
        close_connexion(connect_info[conn]);
    }
}

// frees the existing closed connections and make SSL ready to handle new connections
close_connexion(connect_info)
{
    // store prev ssl objects
    SSL *local_ssl = connect_info -> ssl;
    // make setup ready for the next connexions
    // and start listening
    create_connexion(connect_info);
    // free the previous closed connections
    // frees the server_ctx also from inside
    SSL_free(local_ssl);
}
Inside SSL_free we have BIO_free_all(s->rbio), BIO_free_all(s->rbio)
and BIO_CTX_free(s->ctx) and finally OPENSSL_free(s).
As far as I understand, when we do SSL_free, all the members (pointers)
inside the SSL object are freed.
So I expect the application to crash (because "server_ctx" is a global
pointer which will be set to "s->ctx" through function SSL_new and
also freed by SSL_free, and after the free I am not setting
server_ctx = NULL and also not calling SSL_CTX_new(DTLS_server_method());).
But my application is working fine.
My doubt is: does OpenSSL cache the context detail inside SSL
somewhere?
or
should I set server_context to NULL and allocate memory for every new
connection which was closed before?
Regards,
Chand
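
The question above turns on ownership: in OpenSSL, SSL_new() takes its own reference on the SSL_CTX, SSL_free() releases only that reference, and SSL_set_bio() hands the BIO to the SSL object. The following added example (not code from this thread or from OpenSSL) is a small self-contained C model of that reference counting, using hypothetical model_* names and replaying the close_connexion sequence from the post.

```c
#include <stdlib.h>

/* Toy model with hypothetical names; it counts live objects and does not call OpenSSL. */
typedef struct { int refs; } model_ctx;
typedef struct { int fd; } model_bio;
typedef struct { model_ctx *ctx; model_bio *bio; } model_ssl;
static int live_ctx, live_ssl, live_bio;   /* objects allocated and not yet freed */

model_ctx *ctx_new(void) {
    model_ctx *c = calloc(1, sizeof *c);
    if (!c) abort();
    c->refs = 1;                 /* the creator's reference (the global server_ctx) */
    live_ctx++;
    return c;
}
void ctx_free(model_ctx *c) {    /* models SSL_CTX_free: drop one reference */
    if (--c->refs == 0) { free(c); live_ctx--; }
}
model_ssl *ssl_new(model_ctx *c) {
    model_ssl *s = calloc(1, sizeof *s);
    if (!s) abort();
    c->refs++;                   /* the connection takes its own reference */
    s->ctx = c;
    live_ssl++;
    return s;
}
void ssl_set_bio(model_ssl *s) { /* the connection becomes owner of the BIO */
    s->bio = calloc(1, sizeof *s->bio);
    if (!s->bio) abort();
    live_bio++;
}
void ssl_free(model_ssl *s) {
    if (s->bio) { free(s->bio); live_bio--; }
    ctx_free(s->ctx);            /* releases only this connection's reference */
    free(s);
    live_ssl--;
}
/* Replay the post's close_connexion() on every slot, `rounds` times,
 * and return the context's reference count afterwards. */
int churn(model_ctx *ctx, model_ssl **slots, int n, int rounds) {
    for (int r = 0; r < rounds; r++)
        for (int i = 0; i < n; i++) {
            model_ssl *old = slots[i];
            slots[i] = ssl_new(ctx);     /* create_connexion() first */
            ssl_set_bio(slots[i]);
            if (old) ssl_free(old);      /* then free the previous object */
        }
    return ctx->refs;
}
int live_objects(void) { return live_ctx + live_ssl + live_bio; }
```

In this model the context's count never reaches zero while the creator still holds its reference, and the live-object total returns to zero only after every slot is freed and the creator calls ctx_free once at shutdown.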