Fw: Reg: Memory leaks Using OpenSSL API - Unsure

Ram Chandra rchandra612 at yahoo.com
Sun Apr 10 08:07:41 UTC 2022

I have recently started developing using OpenSSL and i am confused/unclear about below topic.
Request you to help me.
I am running a DTLS Server which handles more than 1000 connections.The problem i am facing is every time I close connections and also connect again I see there is some RAM memory utilization increases.
I wonder there is a leak in memory from my below approach of calling functions"Initialize_Sever_Context" , "create_connexion" and "close_connexion". 
The exact code is too big to create actual scenario, so i just outlined the steps.
Pls let me know if any extra information is required?
I am using OpenSSL version 1.1.1k on Linux.
//connect_info structure user defined{ void* sll; void* bio; ....}array_of_connections
*connect_info = &array_of_connections;// globalSSL_CTX* server_ctx;
Initialize_Sever_Context(){    // server_ctx is global     server_ctx = SSL_CTX_new(DTLS_server_method());    X509_VERIFY_PARAM *local_vpm = X509_VERIFY_PARAM_new()
    //setting verify flags, cookie flags and cypher lists etc..    //....    SSL_CTX_set1_param(server_ctx, local_vpm); X509_VERIFY_PARAM_free(local_vpm);}
create_connexion(connect_info){    // server_ctx is global    ssl = SSL_new(server_ctx);        bio = BIO_new_dgram(handler, BIO_NOCLOSE); //not sure it is ok to use BIO_CLOSE    ..    ..    SSL_set_bio(ssl, bio, bio);        connect_info->ssl = ssl;    connect_info->bio = bio;
}//pre connection closehandle_closed_connexions(){    for(conn = 1; conn<MAX_CONN;conn++)    {        close_connexion(connect_info[conn]);    }}// frees the existing closed connections and make SSL ready to handle new connectionsclose_connexion(connect_info){    // store prev ssl objects    SLL *local_ssl = connect_info -> ssl;        // make setup ready for the next connexions    // and start listening    create_connexion(connect_info)
    // free the previous closed connections    // frees the server_ctx also from inside    SSL_free(local_ssl);}
Inside SSL_free we have BIO_free_all(s->rbio), BIO_free_all(s->rbio) and BIO_CTX_free(s->ctx) and finally OPENSSL_free(s)
As far as i understand when we do SSL_free, all the members(pointers) inside SLL object are freed.So i expect the application to crash.(because "server_ctx" is a global pointer which will be set to "s->ctx" through function SSL_new and also freed by SLL_free and after free i am not settingserver_ctx = NULL also not calling SSL_CTX_new(DTLS_server_method());)
But my application is working fine.
My doubt is , does OpenSSL cache the context detail inside SSL, some where?
I Should set server_context to NULL and allocate memory for every new connection which was closed before?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220410/7ac4f2ca/attachment.htm>

More information about the openssl-users mailing list