I noticed the following memory leaks from the tests:
==29732== 48 bytes in 1 blocks are definitely lost in loss record 2 of 2 ==29732== at 0x4C2EBAB: malloc (vg_replace_malloc.c:299) ==29732== by 0x5DE20FC: CRYPTO_zalloc (mem.c:107) ==29732== by 0x44FFD6: evp_init (libcrypto.c:181) ==29732== by 0x43CB18: ssh_pki_do_sign (pki.c:2034) ==29732== by 0x41A98E: ssh_userauth_publickey (auth.c:705) ==29732== by 0x41BA37: ssh_userauth_publickey_auto (auth.c:1175) ==29732== by 0x418365: torture_ssh_session (torture.c:302) ==29732== by 0x41752A: session_setup (torture_sftp_benchmark.c:39) ==29732== by 0x586CB12: ??? (in /usr/lib64/libcmocka.so.0.5.1) ==29732== by 0x586D356: _cmocka_run_group_tests (in /usr/lib64/libcmocka.so.0.5.1) ==29732== by 0x4179A3: torture_run_tests (torture_sftp_benchmark.c:128) ==29732== by 0x4193FC: main (torture.c:855) ==29732==
There is evp_init, which allocates memory under OpenSSL (EVP_MD_CTX_new()), but there is no evp_free(), which should call the EVP_MD_CTX_free().