>> More important... there are memory leaks in OCSP as Joachim Astel >> told. I managed to reproduce the issue bombarding the OCSPd with >> OpenSSL OCSP checks.
Here is the full collection of patches (latest versions) for both libpki 0.6.7 and openca-ocspd 2.1.1. They fix memory leaks and some functionality that was not working. Also added a "buffered response" to OCSP replies to improve number of network packets sent. I think they are *A MUST* to have all this working at all, so please Max, look at it to see if they can be merged into upstream.
openca_patches.tar.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users