Since I tried all that and it crashes, I am going ahead and giving you the
more details on how I created *cert/evp_pkey* objects.
*X509 *cert = PEM_read_bio_X509_AUX(cert_bio, NULL, NULL, NULL);*
*EVP_PKEY *evp_pkey = PEM_read_bio_PrivateKey(key_bio, NULL, NULL, NULL);*
I tried freeing both
I thought this had become documented recently (i.e., in master only, not
even in 1.1.0), but can't find any evidence of such documentation.
SSL_CTX_use_PrivateKey() takes a reference on its pkey argument in the
same way as SSL_CTX_use_certificate(); it is safe for the local code to
free its local
Is this documented some where?
Also is the same true - with SSL_CTX_use_PrivateKey(ctx, evp_pkey) ? where
I can free evp_pkey with EVP_PKEY_free()?
Thanks
Adi
On Tue, Oct 17, 2017 at 9:50 AM, Benjamin Kaduk wrote:
> On 10/17/2017 11:27 AM, Adi Mallikarjuna Reddy V wrote:
>
On 10/17/2017 11:27 AM, Adi Mallikarjuna Reddy V wrote:
>> I am only worried about the following line.
>>
>> SSL_CTX_use_certificate(ctx, cert)
>>
>> After this line is it safe to free cert object while ctx is still
>> used later on?
>>
SSL_CTX_use_certificate(ctx, cert), on successful return,
I am only worried about the following line.
SSL_CTX_use_certificate(ctx, cert)
After this line is it safe to free cert object while ctx is still used
later on?
Thanks
Adi
On Tue, Oct 17, 2017 at 9:21 AM Benjamin Kaduk wrote:
> You only asked about freeing the X509, which
You only asked about freeing the X509, which is safe in this situation.
It is not safe to free the SSL_CTX if you want to use it again later --
remove this SSL_CTX_free(ctx) call and put one in your program's cleanup
instead.
-Ben
On 10/17/2017 11:08 AM, Adi Mallikarjuna Reddy V wrote:
> Forgot
Forgot to mention that the ssl_ctx is going to be used by another thread
later. When I do x509_free, the handshake doesn’t finish.
I see a crash in ssl_accept.
Thanks
Adi
On Tue, Oct 17, 2017 at 8:41 AM Benjamin Kaduk wrote:
> On 10/17/2017 08:39 AM, Adi Mallikarjuna Reddy
On 10/17/2017 08:39 AM, Adi Mallikarjuna Reddy V wrote:
> Hi,
>
> If I have an X509 object and is created using PEM_read_bio_X509_AUX(),
> then Can I free X509 right after the completion
> of PEM_read_bio_X509_AUX()?
>
> BIO *cert_bio = BIO_new(BIO_s_mem());
>
Hi,
If I have an X509 object and is created using PEM_read_bio_X509_AUX(), then
Can I free X509 right after the completion of PEM_read_bio_X509_AUX()?
BIO *cert_bio = BIO_new(BIO_s_mem());
X509 *cert = X509_new();