On Mar 3, 2015, at 5:07 PM, Sam Hartman <hartmans@mit.edu> wrote:
First, where does SSL_free get called for the ssl created in tls_new_client_session? It seems that a talloc destructor is used for tls_new_session, but I don't see the logic that causes the session state to be freed for client sessions?
The underlying issue seems to be the function proxy_new_listener(). It called tls_new_client_session(), but didn’t set the parent properly. I’ll push a fix.
Secondly, I seem to be getting tls_new_client_session objects leaking some of the time. Causing errors like killing the process on the other end of the connection makes it more likely. I'm judging this because I do have a few sessions allocated on tls.c line 219 still around even after I've shut down the home server that the tls_session was for.
Yeah, it’s a parenting issue.
Why is the TLS client session hanging off the configuration talloc context not a socket context of some kind?
Bad code. I’ve pushed a fix. Alan DeKok.