Yeesh.
Remember that big heinous memory leak in WebCit that I've been hunting, on and off, for a couple of months now?
I've found it.
I kept assuming that it had something to do with the way we were calling OpenSSL -- that we were using it in such a way that we were causing it to dereference pointers to some of its internal data structures.
Tonight I had one big "D'oh!" moment as I realized ... that our big beautiful endtls() function was only being called when an HTTP socket breaks for whatever reason. When an HTTP socket closes normally, it was just leaving the SSL session open, and throwing the memory away.
This has of course been fixed.
