Hello, Attempting to find a memory leak in my application, I wrote a simple test server to narrow the leak down to the NSS code. It seems that if I call SSL_ConfigSecureServer() on the client socket rather than the listener, it leaks memory during every handshake. My socket listener code accepts client connections natively, then passes the file descriptors off to my NSS code, which wraps them using SSL_ImportFD() and SSL_ConfigSecureServer(). From what I've read elsewhere on this list, this method is supported. If I simply move the SSL_ConfigSecureServer() call (along with the cert/key stuff) to the listener FD, everything is fine. Unfortunately, doing this would involve a major change to the design of our application. I'm using 3.11.4/4.6.4 for production, but have also verified this with 3.12.4/4.8.
Is there something else I should be doing to ensure proper cleanup? Thanks, Mark Manes
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
