[squid-users] SSL bump memory leak

Amos Jeffries squid3 at treenet.co.nz
Tue Feb 23 17:30:36 UTC 2016


On 24/02/2016 4:31 a.m., Steve Hill wrote:
> 
> There are also a very small number of lines that look something like:
>     /C=US/ST=California/L=San Francisco/O=Wikimedia Foundation,
> Inc./CN=*.wikipedia.org+Sign=signTrusted+SignHash=SHA256
> I think the "+Sign=signTrusted+SignHash=SHA256" part would indicate that
> this is a Squid database key, which is very confusing since with the
> certificate cache disabled I wouldn't expect to see these at all.
> 

NP: Thats just the caching for re-use being disabled. If they are being
used at all then they should still be generated.

And a leak (real or pseudo) means they are still hanging around in
memory for some reason other than cert-cache references (being in the
cache by definition is not-leaking). For example as part of active TLS
sessions when the core was produced.

Amos



More information about the squid-users mailing list