I had a similar issue that was fixed by moving the CRYPTO_cleanup_all_ex_data command to the end of the application (as has been suggested). Have you tried running Valgrind with the application? This may tell you where the memory leak is occurring.
--Kevin p.s. You will need to compile OpenSSL with the -DPURIFY option (and you may need to grab a recent patch that I mailed to openssl-dev to get -DPURIFY working properly). --Kevin -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of David Sent: Monday, January 11, 2010 11:48 AM To: openssl-users@openssl.org Subject: Re: memory growing when using SSL connections Hi Jeremy, I did try removing the CRYPTO_cleanup_all_ex_data() call, based on Dr. Henson's response, but I still have the same problem. I bypassed the SSL calls and used pure telnet to my server and there were no signs of the application growing. Incidentally, I don't see this problem when running on a Solaris box. Perhaps, it has something to do with the AIX environment. Regards, David -------------------------------------------------- From: "Jeremy Hunt" <jere...@optimation.com.au> Sent: Sunday, January 10, 2010 6:56 PM To: <openssl-users@openssl.org> Subject: Re: memory growing when using SSL connections > Hi David et al, > > On reading the responses so far two new thoughts occur to me: > > 1. In view of Dr Henson's response, I wonder if removing the > CRYPTO_cleanup_all_ex_data() call in your loop will fix the problem. > Perhaps reusing the context structure after calling it may have the > reverse effect. > > 2. It may not be an SSL problem at all. Can you remove the SSL calls from > your application and see if you still get the memory leak? Your underlying > telnet application may be the cause. > > Good Luck, > > Jeremy > > Dr. Stephen Henson wrote: >> [safeTgram (safetgram-in) receive status: NOT encrypted, NOT signed.] >> >> >> On Thu, Jan 07, 2010, David wrote: >> >> >>> Hi, >>> >>> I'm using tn3270 sessions running over SSL. I may have up to 124 >>> sessions activated concurrently, although I plan to get up to 250 >>> sessions at some point. >>> Whenever the sessions are stopped and restarted, I notice intermittently >>> that memory grows in multiples of 4K bytes. >>> I'm running on AIX 5.1, 5.2 and 5.3 and using openssl-0.9.8l. There >>> doesn't appear to be an obvious memory leak in either my application or >>> the OpenSSL stuff (all memory allocated when the sessions are started >>> are freed when the sessions are stopped). >>> Here's a summary of the code structure: >>> >>> SSL_library_init(); >>> meth = TLSv1_client_method(); >>> RAND_seed(); >>> ctx = SSL_CTX_new(meth); >>> >>> while ([some telnet connection wants to do SSL]) >>> { >>> ssl = SSL_new(ctx); >>> SSL_set_fd() >>> SSL_set_cipher_list(); SSL_set_connect_state(); >>> SSL_connect(); >>> do SSL_read(), SSL_write() >>> SSL_shutdown(); >>> close FD; >>> SSL_free(); >>> CRYPTO_cleanup_all_ex_data(); >>> } >>> Any ideas would be appreciated. Thanks, >>> David >>> >> >> Some cleanups occur on each connection and others only when the >> application >> shuts down. >> >> You should *not* call CRYPTO_cleanup_all_ex_data() on every SSL >> connection >> because later SSL connections may use it and end up not freeing data >> correctly. >> >> This is especially an issue if connections use compression (OpenSSL >> compiled >> against zlib) as it is by default in some linux distributions. >> >> Steve. >> -- >> Dr Stephen N. Henson. OpenSSL project core developer. >> Commercial tech support now available see: http://www.openssl.org >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> >> > > > -- > > "The most likely way for the world to be destroyed, most experts agree, is > by accident. That's where we come in; we're computer professionals. We > cause accidents." -- Nathaniel Borenstein, co-creator of MIME > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
