On Mon, Feb 15, 2016 at 09:34:33PM +0000, Matt Caswell wrote: > On 15/02/16 21:25, Jouni Malinen wrote: > > Is this change in OpenSSL behavior expected? Is it not allowed to call > > EVP_cleanup() and then re-initialize OpenSSL digests with > > SSL_library_init()? > > Correct, you cannot reinit once you have deinit.
OK.. That used to work, though, so it would be good to mention this clearly in the release notes since this can cause a difficult to find issues for existing programs. Luckily I happened to have automated test cases that found this now with wpa_supplicant. > You should not need to explicitly init or deinit at all. Try removing > all such calls. If you are getting memory leaks not caused by your > application then that is a bug in OpenSSL. I agree with the "should not need" part, but there is a reason why I added those calls in the first place, i.e., these were needed with older OpenSSL releases (well, all releases so far since 1.1.0 has not been released). I guess I can remove these calls with #ifdef OPENSSL_VERSION_NUMBER < 0x10100000L to maintain support for older versions. I'd also recommend updating EVP_cleanup man page to be clearer about EVP_cleanup() being something that must not be called if there is going to be any future calls to OpenSSL before the process exits. -- Jouni Malinen PGP id EFC895FA -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev