[stunnel-users] Possible leak in client.c:init_ssl()

Allex, Paul M (USA E D EA STS) paul.allex at siemens.com
Mon Apr 11 20:48:26 CEST 2011

Is it possible that this is related to

Basically, there is a memory leak in the code that creates pthreads.


-----Original Message-----
From: stunnel-users-bounces at stunnel.org
[mailto:stunnel-users-bounces at stunnel.org] On Behalf Of Michal Trojnara
Sent: Monday, April 11, 2011 10:13 AM
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users] Possible leak in client.c:init_ssl()

Sven Ulland wrote:
> Quick summary: Stunnel 4.35 configured with four services. As clients
> connect, the main stunnel process grows a lot in vsz/rss memory. With
> a lot of clients connecting, it quickly grows to several gigabytes
> rss.

Thank you very much for the report.  Stunnel does not call zlib
so OpenSSL should call the appropriate cleanup functions of zlib.

> The Massif log indicates that most of the memory is allocated through
> client.c:init_ssl(), by libssl and zlib. I haven't looked too much at
> the code yet, but could this be related to the high rate of connection
> resets/timeouts, combined with connection/session reuse?

I guess you're right.  A trivial workaround would be to build OpenSSL
without zlib.  8-)

BTW: What is your version of OpenSSL?

Best regards,
stunnel-users mailing list
stunnel-users at stunnel.org

More information about the stunnel-users mailing list