Can you further elaborate? What we did is to create a TLS connection and with invalid certificates from the client and server on verification would reject the certificate. The cipher negotiated was ECDHE cipher between client and server.
This was done with load (multiple while 1 script trying to connect to server using invalid certificates and in course of time the memory was increasing). Thanks Darshan -----Original Message----- From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Matt Caswell Sent: Thursday, March 23, 2017 4:09 PM To: openssl-dev@openssl.org Subject: Re: [openssl-dev] Memory leak in application when we use ECDH On 23/03/17 10:13, Mody, Darshan (Darshan) wrote: > Matt, > > Even after accounting for the EC_KEY we still observe some leak. The > leak started after we started using supporting EC with callback > SSL_set_tmp_ecdh_callback(). > > The core dump shows the string data of the far-end certificates. I > cannot pin point the code in openssl with this regard. Are you able to create a simple reproducer demonstrating the problem with the callback? Matt -- openssl-dev mailing list To unsubscribe: https://urldefense.proofpoint.com/v2/url?u=https-3A__mta.openssl.org_mailman_listinfo_openssl-2Ddev&d=DwICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrKfQ&m=bLfMhjtc7o6YlbbKPhSGSKPuhTJsYubiC_LV17YO3do&s=CIdcV48IKxBzbTWaEpB4zcKDD76FwUj3wuMFrxa50UY&e= -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
