There appears to be a major memory leak in mod_ssl/OpenSSLHello, I encountered many memory leak trouble with OpenSSL. I used quite old versions (from 0.9.6c), so I don't know if this is relevant or not for you... Anyway I figured out that nobody seemed to ever call the CRYPTO_thread_cleanup(). I just added a call to that function, and the memory heap became clean. I hope the solution will be that simple in your case.
The OpenSSL code did not look robust to me on that matter... But I think that OpenSSL people are trying to (or did) improve the cleanup code. Adrien ----- Original Message ----- From: Avery, Ken To: [EMAIL PROTECTED] Sent: Friday, January 30, 2004 6:02 PM Subject: There appears to be a major memory leak in mod_ssl/OpenSSL I have been tracking this down for a couple of weeks and thought it was in the code my company is developing and it appears that is not the case. In order to eliminate our code from the mix and isolate the problem here is what I did: This was done on Windows and Linux: 1. Download the latest Apache from www.apache.org. 2. Download the latest OpenSSL from www.openssl.org. 3. Build them both, with apache add the mod_ssl option and also for Linux use the MPM worker module. 4. Install and modify the ssl.conf file ServerName value. 5. Run Apache (httpd) 6a. Run the Performance monitor on Windows and look at Private Bytes for the second Apache process. 6b. On Linux run top -p pid(httpd1) -p pid(http2) ... -p pid(httpN) watching the size of the processes 7. Set you browser to not cache requests and check for a new page every time. 8. Start fetching a page from https://localhost and keep refreshing the page. So far 3 other engineers have reproduced this test because they did not believe the problem could be in Apache mod_ssl/OpenSSL, they all verified that it leaks like a sieve. We were all trying to figure out why no one else has complained about such a huge leak so we ran another test. We tried using the prefork MPM and it turns out that worked fine. Based on the results it appears the OS is cleaning up memory for the prefork module and the threaded model never gets its memory freed. I have used a debugger on Windows and set break points on the CRYPTO_malloc and CRYPTO_free functions and have seen gobs of memory CRYPTO_malloc(ed) and not one time have I seen CRYPTO_free called. I was not sure if having the OS cleanup memory was part of the design (if indeed that is what is happening) or if there is potentially a problem in the OpenSSL memory management code. With all this said, I am by no means an expert on this code and could really use some help understanding what is going on here? Any and all help is appreciated, Ken --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.574 / Virus Database: 364 - Release Date: 29/01/2004 ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
