<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/1875/">https://reviewboard.asterisk.org/r/1875/</a>
</td>
</tr>
</table>
<br />
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers.</div>
<div>By Mark Michelson.</div>
<p style="color: grey;"><i>Updated April 18, 2012, 2:45 p.m.</i></p>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Changes</h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Made Matt's suggested fix.
I created a new function called ast_ssl_teardown() that will free an SSL_CTX if it has been allocated. The only callers of this are the destructor for ast_tcptls_instance and when chan_sip unloads. manager.c and http.c also make use of standalone ast_tcptls_config structures, but those are core and not unloadable. They can have their configuration reloaded, but the changes I made in __ssl_setup() in tcptls.c fix the leak that would occur on reload.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Based on information-gathering in issue ASTERISK-19278, it appears that Asterisk is misusing OpenSSL in a way that causes a slow memory leak. From combing through main/tcptls.c, it appears that one foul-up Asterisk has is to never free any SSL_CTXs that are created. I have patched __ssl_setup() to properly free the SSL_CTX if either
1) We're about to allocate a new one.
2) Some failure occurs during setup.
While I have no confirmation that this is the same memory leak being observed in ASTERISK-19278, this fix seems necessary anyway. I'm placing this patch on Review Board because my unfamiliarity with OpenSSL leads me to seek confirmation that what I am doing makes sense and will not cause issues.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">No testing has been done aside from compilation. I will ask the reporter on ASTERISK-19278 to test to see if the memory leak appears to go away.</pre>
</td>
</tr>
</table>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Bugs: </b>
<a href="https://issues.asterisk.org/jira/browse/ASTERISK-19278">ASTERISK-19278</a>
</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> (updated)</h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/branches/1.8/channels/chan_sip.c <span style="color: grey">(362427)</span></li>
<li>/branches/1.8/include/asterisk/tcptls.h <span style="color: grey">(362427)</span></li>
<li>/branches/1.8/main/tcptls.c <span style="color: grey">(362427)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/1875/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>