On 11/11/2014 02:32 PM, Jan Kaluža wrote:
Hi,
latest comment in PR 53435 shows that memory leak in mod_ssl which
happens during graceful restarts can be caused by r101624. Since this
commit is 11 years old, I wanted to ask people here, if following is
still true with current OpenSSL:
Hi,
little follow-up here, we have memory leak on reload in
ENGINE_load_builtin_engines which is caused by
<http://svn.apache.org/r654119>. Again, this is 6 years old commit which
may or may not be true. Does anyone know if it's still valid?
+ /* Also don't call CRYPTO_cleanup_all_ex_data here; any registered
+ * ex_data indices may have been cached in static variables in
+ * OpenSSL; removing them may cause havoc. Notably, with OpenSSL
+ * versions >= 0.9.8f, COMP_CTX cleanups would not be run, which
+ * could result in a per-connection memory leak (!). */
+
Regards,
Jan Kaluza
@@ -255,7 +255,11 @@ static apr_status_t ssl_cleanup_pre_config(void
*data)
#endif
#endif
ERR_remove_state(0);
- ERR_free_strings();
+
+ /* Don't call ERR_free_strings here; ERR_load_*_strings only
+ * actually load the error strings once per process due to static
+ * variable abuse in OpenSSL. */
+
/*
* TODO: determine somewhere we can safely shove out diagnostics
* (when enabled) at this late stage in the game:
Last comment in PR 53435 showed that leaks disappeared after reverting
this patch and it does not seem to break anything here.
Regards,
Jan Kaluza
