Opened 9 years ago

Closed 8 years ago

#117 closed Bug / Defect (notabug)

possible memory leak

Reported by: ycflash Owned by:
Priority: major Milestone:
Component: Generic / unclassified Version: OpenVPN 2.1.4 (Community Ed)
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:


Use openvpn 2.1.4 on an i686 linux server with server configuration attached bellow, openvpn will allocate memory very quickly, in less than 1 minute it will allocate 1M memory. The concurrent users are less than 10.

This is might be memory leak. Server config bellow:
port 1194
proto tcp
dev tap
ca ca.crt
cert gw2.crt
key gw2.key # This file should be kept secret
crl-verify crl.pem
dh dh1024.pem
ifconfig-pool-persist ipp.txt
push "route"
push "dhcp-option DNS"
push "dhcp-option DNS"
keepalive 10 120
tls-auth ta.key #0
user nobody
group nobody
status openvpn-status.log
log /var/log/openvpn.log
verb 4

reneg-sec 60
script-security 2
plugin /usr/share/openvpn/plugin/lib/ "login login USERNAME password PASSWORD"

#log Cert CN and username
client-connect /etc/openvpn/
client-disconnect /etc/openvpn/

Change History (4)

comment:1 Changed 9 years ago by David Sommerseth

Can you please try the same configuration without --plugin, --client-connect and --client-disconnect? And if you don't see the memory leaks with this configuration, enable these features one-by-one, to see which if them to blame.

Also try without --username-as-common-name, even though this one is less likely to be the reason.

comment:2 Changed 9 years ago by ycflash

dazo, I tried your suggestions found the plugin lead the memory leak.

comment:3 Changed 9 years ago by David Sommerseth

Do OpenVPN use more than 1MB extra when it runs for a longer time? Ie. is the memory usage steadily increasing and never decreasing?

It is expected that plug-ins do use some memory. The auth-pam plug-in do also fork out a child process, iirc. This will take some extra memory. But the memory usage should not only grow over time, it should stabilise on a level when you have al users logged in.

If you also have possibility to test this on the 2.2.0 release, that'd be great. I don't believe the behaviour have changed much, but there are some minor patches which hits your code paths.

comment:4 Changed 8 years ago by David Sommerseth

Resolution: notabug
Status: newclosed

Closing due to lack of response.

Note: See TracTickets for help on using tickets.