Quanah Gibson-Mount wrote:
--On Tuesday, November 25, 2008 7:24 PM -0500 David Hawes dhawes@vt.edu wrote:
I was doing some testing and noticed that when I search for entries using TLS, significantly more memory is used when using client certificates than without them. In fact, memory will eventually be exhausted if the searches are performed indefinitely. Without using them, memory use stays (around) the same value.
I stripped down the config, removed all ACLs except one (to disallow access), and started with an empty database, and get the same results.
I've noticed this in 2.4.11, 2.4.12, and 2.4.13 with OpenSSL 0.9.8i. I do not notice it with an old 2.3.39 instance.
Has anyone noticed anything similar, or can anyone reproduce this?
Have you run OpenLDAP in this situation under valgrind to see where the leak is occurring?
I have not, but I intend to do that next. I'll be sure to post the results.