Freeing internal SSL buffers?

[ethrbunny]

I have OpenSSL running inside of a SOCKET based server to encrypt the IO. Im
finding that over time the memory use in the process grows w/re the amount
of data served over the socket. When the 'listening' socket closes
gracefully  I see a small leak but nothing like the amount of growth that I
see in the process list.

When the process closes I see the following leak msg:
Detected memory leaks!
Dumping objects ->
{4956} normal block at 0x00E8BC10, 12 bytes long.
 Data: <0        "  > 30 BE E8 00 00 00 00 00 9C 22 02 00 
{4955} normal block at 0x00E8D288, 64 bytes long.
 Data: <                > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
{4954} normal block at 0x00E8BB70, 96 bytes long.
 Data: <    ` @ P @     > 88 D2 E8 00 60 D9 40 00 50 D9 40 00 08 00 00 00 
{4953} normal block at 0x00E8BE30, 396 bytes long.
 Data: < *              > 0C 2A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
{2128} normal block at 0x00E8AD38, 16 bytes long.
 Data: <                > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
{2127} normal block at 0x00E8AC50, 20 bytes long.
 Data: <    8           > 00 00 00 00 38 AD E8 00 01 00 00 00 04 00 00 00 
Object dump complete.

This amount stays the same whether I handle 1 or 100 incoming SOCKET
requests. The process memory keeps growing though. I can repair the first
four lines of the leak if I comment out my call to
'SSL_CTX_use_certificate'. Watching the process space in the app shows that
my (self signed) certificate is being copied into the SSL_CTX buffer but
never being freed. Im guessing there is a refcount somewhere that Im not
seeing / releasing.

Im wondering if there is a 'free buffer' command to tell OpenSSL to flush
its memory? I will be (ultimately) serving a large quantity of data and need
to keep the memory usage under control. 

EDIT: I added 'SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); ' -
this seems to fix some of the problem of the buffer growth. I still have a
problem with this though.


-- 
View this message in context: 
http://www.nabble.com/Freeing-internal-SSL-buffers--tp15143993p15143993.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]