OpenSSL masters,
I have two questions.
1. I have read Rescorla's book and am now reading "Network Security with
OpenSSL" by Viega et al. The latter stresses the importance of
registering callbacks for multithreading support. It seems to imply that
all openssl library users should do this. But Rescorla doesn't discuss
this at all.
My question is, do I need to register these callbacks even if my own
code will always call the openssl functions from a single thread of
execution?
2. I am developing an application that uses openSSL under Windows.
Visual Studio .NET complained about memory leaks, when all I had done
was
SSL_library_init();
I reported this to the openssl folks, and got the following response:
That's normal. What happens is that a table of error information,
an
object database and a few other things are being built up. Since
you're not calling any cleanup stuff, you end up with a "leak".
This is not a bug, at least not in OpenSSL.
My question is, what "cleanup stuff" do I need to call to free up
resources claimed by SSL_library_init()? I know that after
SSL_CTX_new() I need SSL_CTX_free() to free resources associated with
the "context", but are there any other freeing functions I should know
about?
Thanks in advance for your help.
--
Matthew Fleming, MD
Associate Professor
Dept. of Dermatology
Medical College of Wisconsin
E-mail: [EMAIL PROTECTED]
S-mail:
Dept. of Dermatology
Medical College of Wisconsin
8701 Watertown Plank Rd.
Milwaukee, WI 53226
Phone:414.456.4072
Fax:414.456.6518
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
