I have narrowed it down to the function BN_BLINDING_new in the file 
crypto\bn\bn_blind.c: the memory allocated for the BN_BLINDING 
structure never gets freed. I am assuming that the BIGNUM structures 
allocated with BN_new inside of BN_BLINDING never get freed either.

Here are my test results after 24 hours of monitoring the 
OPENSSL_malloc and OPENSSL_free calls: 

1. BN_BLINDING – allocations 53,615, frees 0, outstanding 53,615 
2. BN_new – allocations 8,347,200, frees 8,127,872, outstanding 219,328 
3. I also track the heap, and it grows in proportion to the lack of BN 
frees.
4. This bug has been reproduced in OpenSSL 0.9.79(b&c) in 
Apache/mod_ssl/OpenSSL - Apache 2.0.48 
 
Is there anyone out there willing to help out who understands the big 
number code? Can anyone at least tell me if Apache/mod_ssl/OpenSSL 
needs to initialize some kind of callback? Something like 
CRYPTO_set_locking_callback (just an example; this one is in the code). 
Are there any other callbacks anyone can think of to get the OpenSSL 
code to release the BN memory?

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
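
The accounting described in the message above (allocations, frees and outstanding blocks per structure type), as an added example that is not part of the original post and is not OpenSSL code. `tracked_malloc`, `tracked_free`, `struct blinding` and the tags are hypothetical stand-ins, and the two-numbers-per-parent layout is an assumption made for the demonstration.

```c
#include <stdlib.h>

/* Hypothetical tags for the two allocation sites counted in the post. */
enum tag { TAG_BLINDING, TAG_BIGNUM, TAG_COUNT };
static long allocs[TAG_COUNT], frees[TAG_COUNT];

/* Header in front of each block records its tag; padding keeps alignment. */
union header { enum tag tag; long double align; };

static void *tracked_malloc(size_t n, enum tag t) {
    union header *h = malloc(sizeof *h + n);
    if (h == NULL) return NULL;
    h->tag = t;
    allocs[t]++;
    return h + 1;              /* caller sees only the payload */
}

static void tracked_free(void *p) {
    if (p == NULL) return;
    union header *h = (union header *)p - 1;
    frees[h->tag]++;           /* attribute the free to the right counter */
    free(h);
}

long outstanding(enum tag t) { return allocs[t] - frees[t]; }

/* Stand-in parent owning two numbers, held on a list nobody prunes. */
struct blinding { void *A, *Ai; struct blinding *next; };
static struct blinding *held;

/* One simulated request: a new parent plus a scratch number that is freed. */
int request(void) {
    struct blinding *b = tracked_malloc(sizeof *b, TAG_BLINDING);
    if (b == NULL) return -1;
    b->A = tracked_malloc(32, TAG_BIGNUM);
    b->Ai = tracked_malloc(32, TAG_BIGNUM);
    b->next = held; held = b;  /* parent stays reachable but is never freed */
    tracked_free(tracked_malloc(32, TAG_BIGNUM));
    return 0;
}

/* The cleanup whose absence shows as outstanding > 0: children, then parent. */
void release_all(void) {
    for (struct blinding *b = held, *n; b != NULL; b = n) {
        n = b->next;
        tracked_free(b->A);
        tracked_free(b->Ai);
        tracked_free(b);
    }
    held = NULL;
}
```

The pattern to look for in such counters is the one in the report: a parent type with zero frees, and a child type whose outstanding count grows with the parent count while its scratch allocations balance out.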
