On Thu, Aug 20, 2015 at 7:16 PM, Niels Peen <niels at peen.ch> wrote: > >> On 20 Aug 2015, at 16:45, Nikos Mavrogiannopoulos <n.mavrogiannopoulos at gmail.com> wrote: > >> I could not figure how to reproduce that. My main process remained >> unchanged after reloads using the sample config and certificate auth. >> Could you send me some steps to be able to reproduce the issue? > > I use the config below, then use occtl to reload. Issue the reload command a few times and I?ll see a significant increase in memory usage. Thanks. It seems it was the CRL reloading. The CRL entries were accumulating. I've committed a fix in gnutls: https://gitlab.com/gnutls/gnutls/commit/5870a55d0be3c1d995e951d7a36b504e66c87004 >> btw. did you have any issues with the "enable-auth certificate" >> option? Its purpose was to eliminate the need for two servers. > No issues. Just haven?t shut down the old process on all servers yet. > What?s interesting to note is that the radius config with enable-auth=?certificate? added does not have the memory issue. Are you sure. I seem to have the same leak if I switch your config to use primary auth radius and set enable-auth to certificate. regards, Nikos
