<html><head></head><body><div class="ydpb90e331yahoo-style-wrap" style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div></div>
<div><br></div><div><span style="color: rgb(38, 40, 42);">Hi, </span><br></div></div><div id="ydp5713cda3yahoo_quoted_0130031240" class="ydp5713cda3yahoo_quoted"><div style="font-family:'Helvetica Neue', Helvetica, Arial, sans-serif;font-size:13px;color:#26282a;"><div><div id="ydp5713cda3yiv7160478913"><div style="font-family:Helvetica Neue, Helvetica, Arial, sans-serif;font-size:16px;" class="ydp5713cda3yiv7160478913yahoo-style-wrap"><div dir="ltr"><div><div dir="ltr">I have recently started developing using OpenSSL and i am confused/unclear about below topic.</div><div dir="ltr"><br></div><div dir="ltr">Request you to help me.</div><div dir="ltr"><br></div><div>I am running a DTLS Server which handles more than 1000 connections.</div><div dir="ltr">The problem i am facing is every time I close connections and also connect again I see there is some RAM memory utilization increases.</div><div><br></div><div>I wonder there is a leak in memory from my below approach of calling functions</div><div>"Initialize_Sever_Context" , </div><div>"create_connexion" and </div><div>"close_connexion". </div><div><br></div><div>The exact code is too big to create actual scenario, so i just outlined the steps.</div><div><br></div><div>Pls let me know if any extra information is required?</div><div><br></div><div>I am using OpenSSL version 1.1.1k on Linux.</div><div><br></div><div>//connect_info structure user defined</div><div>{</div><div> void* sll;</div><div> void* bio;</div><div> ....</div><div>}array_of_connections</div><div><br></div><div>*connect_info = &array_of_connections;</div><div>// global</div><div>SSL_CTX* server_ctx;</div><div><br></div><div>Initialize_Sever_Context()</div><div>{</div><div> // server_ctx is global </div><div> server_ctx = SSL_CTX_new(DTLS_server_method());</div><div> X509_VERIFY_PARAM *local_vpm = X509_VERIFY_PARAM_new()</div><div><br></div><div> //setting verify flags, cookie flags and cypher lists etc..</div><div> //....</div><div> SSL_CTX_set1_param(server_ctx, local_vpm);</div><div><span style="white-space:pre-wrap;"> </span>X509_VERIFY_PARAM_free(local_vpm);</div><div>}</div><div><br></div><div>create_connexion(connect_info)</div><div>{</div><div> // server_ctx is global</div><div> ssl = SSL_new(server_ctx);</div><div> </div><div> bio = BIO_new_dgram(handler, BIO_NOCLOSE); //not sure it is ok to use BIO_CLOSE</div><div> ..</div><div> ..</div><div> SSL_set_bio(ssl, bio, bio);</div><div> </div><div> connect_info->ssl = ssl;</div><div> connect_info->bio = bio;</div><div><br></div><div>}</div><div>//pre connection close</div><div>handle_closed_connexions()</div><div>{</div><div> for(conn = 1; conn<MAX_CONN;conn++)</div><div> {</div><div> close_connexion(connect_info[conn]);</div><div> }</div><div>}</div><div>// frees the existing closed connections and make SSL ready to handle new connections</div><div>close_connexion(connect_info)</div><div>{</div><div> // store prev ssl objects</div><div> SLL *local_ssl = connect_info -> ssl;</div><div> </div><div> // make setup ready for the next connexions</div><div> // and start listening</div><div> create_connexion(connect_info)</div><div><br></div><div> // free the previous closed connections</div><div dir="ltr"> // frees the <span><span style="color:rgb(0, 0, 0);font-family:Helvetica, Arial, sans-serif;font-size:16px;">server_ctx also from inside</span></span></div><div> SSL_free(local_ssl);</div><div>}</div><div><br></div><div>Inside SSL_free we have BIO_free_all(s->rbio), BIO_free_all(s->rbio) and BIO_CTX_free(s->ctx) and finally OPENSSL_free(s)</div><div><br></div><div>As far as i understand when we do SSL_free, all the members(pointers) inside SLL object are freed.</div><div dir="ltr">So i expect the application to crash.(because "server_ctx" is a global pointer which will be set to "s->ctx" through function SSL_new and also freed by SLL_free and after free i am not setting</div><div>server_ctx = NULL also not calling SSL_CTX_new(DTLS_server_method());)</div><div><br></div><div>But my application is working fine.</div><div><br></div><div>My doubt is , does OpenSSL cache the context detail inside SSL, some where?</div><div><br></div><div>or </div><div><br></div><div>I Should set server_context to NULL and allocate memory for every new connection which was closed before?</div><div><br></div><div><br></div><div>Regards,</div><div>Chand</div><div><br></div></div><br></div></div></div></div>
</div>
</div></body></html>