[stunnel-users] Possible leak in client.c:init_ssl()
Allex, Paul M (USA E D EA STS)
paul.allex at siemens.com
Mon Apr 11 20:48:26 CEST 2011
Is it possible that this is related to
Basically, there is a memory leak in the code that creates pthreads.
From: stunnel-users-bounces at stunnel.org
[mailto:stunnel-users-bounces at stunnel.org] On Behalf Of Michal Trojnara
Sent: Monday, April 11, 2011 10:13 AM
To: stunnel-users at stunnel.org
Subject: Re: [stunnel-users] Possible leak in client.c:init_ssl()
Sven Ulland wrote:
> Quick summary: Stunnel 4.35 configured with four services. As clients
> connect, the main stunnel process grows a lot in vsz/rss memory. With
> a lot of clients connecting, it quickly grows to several gigabytes
Thank you very much for the report. Stunnel does not call zlib
so OpenSSL should call the appropriate cleanup functions of zlib.
> The Massif log indicates that most of the memory is allocated through
> client.c:init_ssl(), by libssl and zlib. I haven't looked too much at
> the code yet, but could this be related to the high rate of connection
> resets/timeouts, combined with connection/session reuse?
I guess you're right. A trivial workaround would be to build OpenSSL
without zlib. 8-)
BTW: What is your version of OpenSSL?
stunnel-users mailing list
stunnel-users at stunnel.org
More information about the stunnel-users