On Wed, Jan 6, 2016 at 12:28 PM, jean-frederic clere <jfcl...@gmail.com> wrote: > On 12/15/2015 03:16 PM, Jan Kaluža wrote: >> On 12/15/2015 02:16 PM, Yann Ylavic wrote: >>> Hi Jan, >>> >>> On Tue, Dec 15, 2015 at 12:51 PM, Jan Kaluža <jkal...@redhat.com> wrote: >>>> >>>> I think I've just fixed that in <http://svn.apache.org/r1720129>. I will >>>> also propose that for 2.4.x and 2.2.x. >>> >>> Shouldn't we do the same for ecparams below? >> >> Probably yes, I was just checking the arguments which get passed to >> "SSL_CTX_set_*" functions. I think you are right we should call >> EC_GROUP_free there. > > According to my tests with trunk there is still a problem, the > ENGINE_cleanup() doesn't finish the engines, I have tried to use > CRYPTO_mem_leaks_fp() to find the leak but there are too many of them to > find where we miss a "free()". > > Any idea on the topic?
I just committed (r1723295) a fix for the leak mentioned above. Do you also use some custom ecparams in the certificate file? Regards, Yann.