[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS client certificates and memory use
Quanah Gibson-Mount wrote:
> --On Tuesday, November 25, 2008 7:24 PM -0500 David Hawes
> <dhawes@vt.edu> wrote:
>
>> I was doing some testing and noticed that when I search for entries
>> using TLS, significantly more memory is used when using client
>> certificates than without them. In fact, memory will eventually be
>> exhausted if the searches are performed indefinitely. Without using
>> them, memory use stays (around) the same value.
>>
>> I stripped down the config, removed all ACLs except one (to disallow
>> access), and started with an empty database, and get the same results.
>>
>> I've noticed this in 2.4.11, 2.4.12, and 2.4.13 with OpenSSL 0.9.8i. I
>> do not notice it with an old 2.3.39 instance.
>>
>> Has anyone noticed anything similar, or can anyone reproduce this?
>
> Have you run OpenLDAP in this situation under valgrind to see where the
> leak is occurring?
I have not, but I intend to do that next. I'll be sure to post the results.