I'm using OpenSSL 1.1.0f in a client application. My implementation is using
up memory like crazy, so I must not be doing something right.

I read that 1.1.0 no longer needs explicit library initialization, so I've
take out the one-time calls (like SSL_library_init() and

I create an SSL_CTX object and an SSL object for each communication I have
to do. The connections may use different certificate/key files so I create
and destroy these objects for each connection (I'm using non-blocking
sockets on a Windows platform).

Having tried numerous variations, I'm currently using this code to create
the objects:

        const SSL_METHOD* meth = SSLv23_method();
        ssl_ctx = SSL_CTX_new(meth);
        SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, nullptr);
        SSL_CTX_set_quiet_shutdown(ssl_ctx, 1); // non-standard.
        SSL_CTX_sess_set_cache_size(ssl_ctx, 1);  // no longer needed after 
next line (?)
        SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF);

        // setup certificate file, private key file, password, etc.

        ssl = SSL_new(ssl_ctx);
        bio[BIO_SEND] = BIO_new(BIO_s_mem());
        bio[BIO_RECV] = BIO_new(BIO_s_mem());
        SSL_set_bio(ssl, bio[BIO_RECV], bio[BIO_SEND]);

and the clean up at the end of the communication is done this way:

        if ( nullptr != ssl )
                SSL_free(ssl);  // free's the two bio buffers associated with 
                ssl = nullptr;

What am I missing?


Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-Dev-f29372.html
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to