On 23/03/17 13:19, Mody, Darshan (Darshan) wrote:
> Can you further elaborate?
> What we did is to create a TLS connection and with invalid
> certificates from the client and server on verification would reject
> the certificate. The cipher negotiated was ECDHE cipher between
> client and server.
> This was done with load (multiple while 1 script trying to connect to
> server using invalid certificates and in course of time the memory
> was increasing).

Without being able to recreate the problem its going to be very
difficult/impossible for us to fix it (assuming the problem is in
OpenSSl itself). We would need some simple reproducer code that
demonstrates the problem occurring.


> Thanks Darshan
> -----Original Message----- From: openssl-dev
> [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Matt Caswell 
> Sent: Thursday, March 23, 2017 4:09 PM To: openssl-dev@openssl.org 
> Subject: Re: [openssl-dev] Memory leak in application when we use
> On 23/03/17 10:13, Mody, Darshan (Darshan) wrote:
>> Matt,
>> Even after accounting for the EC_KEY we still observe some leak.
>> The leak started after we started using supporting EC with
>> callback SSL_set_tmp_ecdh_callback().
>> The core dump shows  the string data of the far-end certificates.
>> I cannot pin point  the code in openssl with this regard.
> Are you able to create a simple reproducer demonstrating the problem 
> with the callback?
> Matt
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to