[openssl-dev] Memory leak in application when we use ECDH

Mody, Darshan (Darshan) darshanmody at avaya.com
Thu Mar 23 14:10:18 UTC 2017 

Thanks Richard and Matt,

I will patch it and send the patch. It will take me couple of days.

Regards
Darshan

-----Original Message-----
From: openssl-dev [mailto:openssl-dev-bounces at openssl.org] On Behalf Of Richard Levitte
Sent: Thursday, March 23, 2017 7:31 PM
To: openssl-dev at openssl.org
Subject: Re: [openssl-dev] Memory leak in application when we use ECDH

I think that Matt is asking for example code that exhibits this leak.
You could patch apps/s_server.c with your callback, or ssl/ssltest.c, and give us that patch.

The reason is that we can't know what assumptions you're going with in your callback or application, so if we code an example together, it will be with Our conditions, not yours, and therefore a pretty bad method to figure this out.

Cheers,
Richard

In message <25D2EC755404B4409F263AC6D050FEBB2A10781E at AZ-FFEXMB03.global.avaya.com> on Thu, 23 Mar 2017 13:47:10 +0000, "Mody, Darshan (Darshan)" <darshanmody at avaya.com> said:

darshanmody> Matt,
darshanmody> 
darshanmody> Below is the scenario.
darshanmody> 
darshanmody> 1. Have server open a listen socket which always validates the client certificate and chain.
darshanmody> 2. On server support ECDHE using callback. Ensure the EC_KEY passed to openssl from app is cleaned up by the app.
darshanmody> 3. Connect client with certificates that server does not trust.
darshanmody> 4. The connections from client to server fails
darshanmody> 
darshanmody> In course of time the app running the server has been leaking. Even after accounting for the EC_KEY passed by the server app to openssl we find there seems to be leak. Further investigation on the core dumps generated from the server app shows that it has the certificates from the client saved.
darshanmody> 
darshanmody> Hope this helps
darshanmody> 
darshanmody> Thanks
darshanmody> Darshan
darshanmody> 
darshanmody> -----Original Message-----
darshanmody> From: openssl-dev [mailto:openssl-dev-bounces at openssl.org] 
darshanmody> On Behalf Of Matt Caswell
darshanmody> Sent: Thursday, March 23, 2017 6:55 PM
darshanmody> To: openssl-dev at openssl.org
darshanmody> Subject: Re: [openssl-dev] Memory leak in application when 
darshanmody> we use ECDH
darshanmody> 
darshanmody> 
darshanmody> 
darshanmody> On 23/03/17 13:19, Mody, Darshan (Darshan) wrote:
darshanmody> > Can you further elaborate?
darshanmody> > 
darshanmody> > What we did is to create a TLS connection and with 
darshanmody> > invalid certificates from the client and server on 
darshanmody> > verification would reject the certificate. The cipher 
darshanmody> > negotiated was ECDHE cipher between client and server.
darshanmody> > 
darshanmody> > This was done with load (multiple while 1 script trying 
darshanmody> > to connect to server using invalid certificates and in 
darshanmody> > course of time the memory was increasing).
darshanmody> 
darshanmody> Without being able to recreate the problem its going to be very difficult/impossible for us to fix it (assuming the problem is in OpenSSl itself). We would need some simple reproducer code that demonstrates the problem occurring.
darshanmody> 
darshanmody> Matt
darshanmody> 
darshanmody> 
darshanmody> > 
darshanmody> > Thanks Darshan
darshanmody> > 
darshanmody> > -----Original Message----- From: openssl-dev 
darshanmody> > [mailto:openssl-dev-bounces at openssl.org] On Behalf Of 
darshanmody> > Matt Caswell
darshanmody> > Sent: Thursday, March 23, 2017 4:09 PM To: 
darshanmody> > openssl-dev at openssl.org
darshanmody> > Subject: Re: [openssl-dev] Memory leak in application 
darshanmody> > when we use ECDH
darshanmody> > 
darshanmody> > 
darshanmody> > 
darshanmody> > On 23/03/17 10:13, Mody, Darshan (Darshan) wrote:
darshanmody> >> Matt,
darshanmody> >> 
darshanmody> >> Even after accounting for the EC_KEY we still observe some leak.
darshanmody> >> The leak started after we started using supporting EC 
darshanmody> >> with callback SSL_set_tmp_ecdh_callback().
darshanmody> >> 
darshanmody> >> The core dump shows  the string data of the far-end certificates.
darshanmody> >> I cannot pin point  the code in openssl with this regard.
darshanmody> > 
darshanmody> > Are you able to create a simple reproducer demonstrating 
darshanmody> > the problem with the callback?
darshanmody> > 
darshanmody> > Matt
darshanmody> > 
darshanmody> --
darshanmody> openssl-dev mailing list
darshanmody> To unsubscribe: 
darshanmody> https://urldefense.proofpoint.com/v2/url?u=https-3A__mta.op
darshanmody> enssl.org_mailman_listinfo_openssl-2Ddev&d=DwICAg&c=BFpWQw8
darshanmody> bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrK
darshanmody> fQ&m=VbrRgO8PZIVkFM4PjeK7TEgKDHnbLu_QfbyqRhmvx8I&s=u0cR7sQf
darshanmody> _Zz8FoCnrzgLc3drBSR8Ou1qDUyxV8z1xYQ&e=
darshanmody> --
darshanmody> openssl-dev mailing list
darshanmody> To unsubscribe: 
darshanmody> https://urldefense.proofpoint.com/v2/url?u=https-3A__mta.op
darshanmody> enssl.org_mailman_listinfo_openssl-2Ddev&d=DwICAg&c=BFpWQw8
darshanmody> bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrK
darshanmody> fQ&m=OtZlUFiavvOVqXL900IST85y3pZLikUdEgekBIIyZoI&s=3T5xlm8q
darshanmody> 92-eP1ItbDzGOU972l4wFrkJUgLrBNR4Qx8&e=
darshanmody> 
--
openssl-dev mailing list
To unsubscribe: https://urldefense.proofpoint.com/v2/url?u=https-3A__mta.openssl.org_mailman_listinfo_openssl-2Ddev&d=DwICAg&c=BFpWQw8bsuKpl1SgiZH64Q&r=bsEULbVnjelD7InzgsegHBEbtXzaIDagy9EuEhJrKfQ&m=OtZlUFiavvOVqXL900IST85y3pZLikUdEgekBIIyZoI&s=3T5xlm8q92-eP1ItbDzGOU972l4wFrkJUgLrBNR4Qx8&e=

More information about the openssl-dev mailing list