<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Any chance of running your server under valgrind or similar?<br>
This should make the leaks more concrete.<br>
<br>
<br>
Pauli<br>
<br>
<div class="moz-cite-prefix">On 10/4/22 6:07 pm, Ram Chandra via
openssl-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:574766159.202701.1649578061867@mail.yahoo.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div class="ydpb90e331yahoo-style-wrap"
style="font-family:Helvetica Neue, Helvetica, Arial,
sans-serif;font-size:16px;">
<div><br>
</div>
<div><span style="color: rgb(38, 40, 42);">Hi, </span><br>
</div>
</div>
<div id="ydp5713cda3yahoo_quoted_0130031240"
class="ydp5713cda3yahoo_quoted">
<div style="font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif;font-size:13px;color:#26282a;">
<div>
<div id="ydp5713cda3yiv7160478913">
<div style="font-family:Helvetica Neue, Helvetica, Arial,
sans-serif;font-size:16px;"
class="ydp5713cda3yiv7160478913yahoo-style-wrap">
<div dir="ltr">
<div>
<div dir="ltr">I have recently started developing
using OpenSSL and I am confused/unclear about
the topic below.</div>
<div dir="ltr"><br>
</div>
<div dir="ltr">Request you to help me.</div>
<div dir="ltr"><br>
</div>
<div>I am running a DTLS Server which handles more
than 1000 connections.</div>
<div dir="ltr">The problem I am facing is that every time
I close connections and connect again, I see
that RAM utilization increases.</div>
<div><br>
</div>
<div>I wonder whether there is a memory leak from my
approach below of calling the functions</div>
<div>"Initialize_Sever_Context" , </div>
<div>"create_connexion" and </div>
<div>"close_connexion". </div>
<div><br>
</div>
<div>The exact code is too big to create the actual
scenario, so I just outlined the steps.</div>
<div><br>
</div>
<div>Please let me know if any extra information is
required.</div>
<div><br>
</div>
<div>I am using OpenSSL version 1.1.1k on Linux.</div>
<div><br>
</div>
<div>//connect_info structure user defined</div>
<div>{</div>
<div> void* ssl;</div>
<div> void* bio;</div>
<div> ....</div>
<div>}array_of_connections</div>
<div><br>
</div>
<div>*connect_info = &amp;array_of_connections;</div>
<div>// global</div>
<div>SSL_CTX* server_ctx;</div>
<div><br>
</div>
<div>Initialize_Sever_Context()</div>
<div>{</div>
<div> // server_ctx is global </div>
<div> server_ctx =
SSL_CTX_new(DTLS_server_method());</div>
<div> X509_VERIFY_PARAM *local_vpm =
X509_VERIFY_PARAM_new();</div>
<div><br>
</div>
<div> //setting verify flags, cookie flags and
cipher lists etc..</div>
<div> //....</div>
<div> SSL_CTX_set1_param(server_ctx, local_vpm);</div>
<div><span style="white-space:pre-wrap;"> </span>X509_VERIFY_PARAM_free(local_vpm);</div>
<div>}</div>
<div><br>
</div>
<div>create_connexion(connect_info)</div>
<div>{</div>
<div> // server_ctx is global</div>
<div> ssl = SSL_new(server_ctx);</div>
<div> </div>
<div> bio = BIO_new_dgram(handler, BIO_NOCLOSE);
//not sure it is ok to use BIO_CLOSE</div>
<div> ..</div>
<div> ..</div>
<div> SSL_set_bio(ssl, bio, bio);</div>
<div> </div>
<div> connect_info->ssl = ssl;</div>
<div> connect_info->bio = bio;</div>
<div><br>
</div>
<div>}</div>
<div>//pre connection close</div>
<div>handle_closed_connexions()</div>
<div>{</div>
<div> for(conn = 1; conn &lt; MAX_CONN; conn++)</div>
<div> {</div>
<div> close_connexion(connect_info[conn]);</div>
<div> }</div>
<div>}</div>
<div>// frees the existing closed connections and
makes SSL ready to handle new connections</div>
<div>close_connexion(connect_info)</div>
<div>{</div>
<div> // store prev ssl objects</div>
<div> SSL *local_ssl = connect_info->ssl;</div>
<div> </div>
<div> // make setup ready for the next connexions</div>
<div> // and start listening</div>
<div> create_connexion(connect_info);</div>
<div><br>
</div>
<div> // free the previous closed connections</div>
<div dir="ltr"> // frees the <span><span
style="color:rgb(0, 0,
0);font-family:Helvetica, Arial,
sans-serif;font-size:16px;">server_ctx also
from inside</span></span></div>
<div> SSL_free(local_ssl);</div>
<div>}</div>
<div><br>
</div>
<div>Inside SSL_free we have
BIO_free_all(s->rbio), BIO_free_all(s->rbio)
and BIO_CTX_free(s->ctx) and finally
OPENSSL_free(s)</div>
<div><br>
</div>
<div>As far as I understand, when we do SSL_free, all
the members (pointers) inside the SSL object are freed.</div>
<div dir="ltr">So I expect the application to
crash (because "server_ctx" is a global pointer
which will be set to "s->ctx" through function
SSL_new and also freed by SSL_free, and after the free
I am not setting</div>
<div>server_ctx = NULL and also not calling
SSL_CTX_new(DTLS_server_method());)</div>
<div><br>
</div>
<div>But my application is working fine.</div>
<div><br>
</div>
<div>My doubt is: does OpenSSL cache the context
details inside SSL somewhere?</div>
<div><br>
</div>
<div>or </div>
<div><br>
</div>
<div>Should I set server_context to NULL and
allocate memory for every new connection which was
closed before?</div>
<div><br>
</div>
<div><br>
</div>
<div>Regards,</div>
<div>Chand</div>
<div><br>
</div>
</div>
<br>
</div>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
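Added example, not part of the original thread and not OpenSSL source: a simplified C model of the reference counting that SSL_new and SSL_free apply to an SSL_CTX, which is why the global server_ctx stays valid after SSL_free. The model_* names, the single reference per connection and the live-object counters are assumptions made for illustration; the real library's bookkeeping is more detailed.

```c
/* Simplified model (constructed for illustration, not OpenSSL source) of the
 * reference counting behind SSL_CTX_new / SSL_new / SSL_free / SSL_CTX_free. */
#include <stdlib.h>

typedef struct { int refs; } model_ctx;        /* stands in for SSL_CTX */
typedef struct { model_ctx *ctx; } model_ssl;  /* stands in for SSL */

static int live_ctx, live_ssl;                 /* objects currently allocated */

model_ctx *model_ctx_new(void) {
    model_ctx *c = malloc(sizeof *c);
    if (c == NULL) return NULL;
    c->refs = 1;                               /* the creator's reference */
    live_ctx++;
    return c;
}

void model_ctx_free(model_ctx *c) {
    if (c == NULL || --c->refs > 0) return;    /* someone else still holds it */
    live_ctx--;
    free(c);
}

model_ssl *model_ssl_new(model_ctx *c) {
    model_ssl *s = c ? malloc(sizeof *s) : NULL;
    if (s == NULL) return NULL;
    c->refs++;                                 /* the connection takes its own reference */
    s->ctx = c;
    live_ssl++;
    return s;
}

void model_ssl_free(model_ssl *s) {
    if (s == NULL) return;
    model_ctx_free(s->ctx);                    /* drops only this connection's reference */
    live_ssl--;
    free(s);
}

/* The close_connexion pattern from the post: create the replacement, then free the old one. */
int model_cycle(model_ctx *c, model_ssl **slot) {
    model_ssl *old = *slot;
    *slot = model_ssl_new(c);
    model_ssl_free(old);
    return *slot != NULL;
}

int model_live_ssl(void) { return live_ssl; }
int model_live_ctx(void) { return live_ctx; }
```

Counting live objects after many connect/close cycles is the same check valgrind automates against the real server: a count that grows with the number of cycles points at the allocation that is never released.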
</body>
</html>