Opened 13 years ago
Closed 12 years ago
#117 closed Bug / Defect (notabug)
possible memory leak
Reported by: | ycflash | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | Generic / unclassified | Version: | OpenVPN 2.1.4 (Community Ed) |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: |
Description
Use openvpn 2.1.4 on an i686 linux server with server configuration attached bellow, openvpn will allocate memory very quickly, in less than 1 minute it will allocate 1M memory. The concurrent users are less than 10.
This is might be memory leak. Server config bellow:
port 1194
proto tcp
dev tap
tls-server
ca ca.crt
cert gw2.crt
key gw2.key # This file should be kept secret
crl-verify crl.pem
dh dh1024.pem
server 192.0.2.0 255.255.255.128
ifconfig-pool-persist ipp.txt
push "route 10.1.0.0 255.255.0.0"
push "dhcp-option DNS 10.1.0.254"
push "dhcp-option DNS 10.1.0.253"
client-to-client
keepalive 10 120
tls-auth ta.key #0
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 4
#client-cert-not-required
reneg-sec 60
username-as-common-name
script-security 2
plugin /usr/share/openvpn/plugin/lib/openvpn-auth-pam.so "login login USERNAME password PASSWORD"
#log Cert CN and username
client-connect /etc/openvpn/log.sh
client-disconnect /etc/openvpn/log.sh
Change History (4)
comment:1 Changed 13 years ago by
comment:2 Changed 13 years ago by
dazo, I tried your suggestions found the openvpn-auth-pam.so plugin lead the memory leak.
comment:3 Changed 13 years ago by
Do OpenVPN use more than 1MB extra when it runs for a longer time? Ie. is the memory usage steadily increasing and never decreasing?
It is expected that plug-ins do use some memory. The auth-pam plug-in do also fork out a child process, iirc. This will take some extra memory. But the memory usage should not only grow over time, it should stabilise on a level when you have al users logged in.
If you also have possibility to test this on the 2.2.0 release, that'd be great. I don't believe the behaviour have changed much, but there are some minor patches which hits your code paths.
comment:4 Changed 12 years ago by
Resolution: | → notabug |
---|---|
Status: | new → closed |
Closing due to lack of response.
Can you please try the same configuration without --plugin, --client-connect and --client-disconnect? And if you don't see the memory leaks with this configuration, enable these features one-by-one, to see which if them to blame.
Also try without --username-as-common-name, even though this one is less likely to be the reason.