> Ii noticed that in the SSL_CTX setup code for each server you pre-create
> temporary RSA and DH keys and set them into the SSLModConfigRec
> structure but nowhere do you free up the keys by calling RSA/DH_free().
> Is there some thought behind this or is this because you expect the OS
> to clean up memory when application terminates? Can this be a potential
> leak?
The keys are actually stored twice: Once as ASN.1/DER encoded bytes
and once as the internal OpenSSL structures. The call to RSA_free()
and DH_free() _is_ done in ssl_init_TmpKeysHandle(). And the ASN.1/DER
buffers are freed implicitly by Apache for mod_ssl, because the
buffers were allocated from one of Apache's memory pools (see for
``ap_palloc(mc->pPool, ...)'' calls). So there should be no memory leak.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
