Overview
Features
Download
Documentation
Community
Add-Ons & Services
The POCO C++ Libraries Blog

1.3.6 Progress

Filed under: Uncategorized by guenter at 22:30

This week I fixed a few more issues for the upcoming 1.3.6 release. Everything is in the 1.3.6 branch in SVN. There are a few more bugs that need to be fixed before we can release. One that’s particulary nasty is #2864380. The memory leak only occurs if client or server certificate validation is performed (Context::VERIFY_RELAXED or Context::VERIFY_STRICT). Now the strange thing is that the NetSSL code does nothing special in this case, it just affects the call to SSL_CTX_set_verify() in the Context constructor. So either the leak is in OpenSSL (which I don’t really believe), or we’re using OpenSSL in an inappropriate way. If anyone could take a look at this issue, this would be highly appreciated.

Update 2009-11-16: I found and fixed the NetSSL memory issue.

3 Comments »
  1. Thanks for the update!

    Comment by Seth on October 31, 2009, 12:48

  2. tried to run that test under Valgrind, but couldnt get it to work, it fails in so many ways under Linux ( client thread manages to start before server, throws exception. instert a delay and server starts throwing on socket::close because other side closed the connection etc. )

    Comment by kert on November 1, 2009, 23:48

  3. Hi,
    One thing that I notice with the SSL code is that most other programs call `SSL_CTX_set_options` at some point during a context setup. This function implements various fixups(*) supplied by openssl. Might I suggest adding `SSL_CTX_set_options (_pSSLContext, SSL_OP_ALL);` into Context.cpp somewhere as soon after `SSL_CTX_new` as possible.

    I’ll add more comments with any other ideas I have.

    (*) info about this function and the fixups can be found here:
    http://www.openssl.org/docs/ssl/SSL_CTX_set_options.html

    Thanks,

    Alex

    Comment by Alex on November 13, 2009, 04:28

RSS RSS feed for comments on this post. TrackBack URI

Leave a comment