Re: 2 questions

Thu, 03 Apr 2003 13:28:31 -0800 

In message <[EMAIL PROTECTED]> on Thu, 3 Apr 2003 15:22:55 -0600, "Matthew Fleming" 
<[EMAIL PROTECTED]> said:

mgf> 1. I have read Rescorla's book and am now reading "Network
mgf>    Security with OpenSSL" by Viega et al. The latter stresses the
mgf>    importance of registering callbacks for multithreading
mgf>    support. It seems to imply that all openssl library users
mgf>    should do this. But Rescorla doesn't discuss this at all.
mgf> 
mgf>    My question is, do I need to register these callbacks even if
mgf>    my own code will always call the openssl functions from a
mgf>    single thread of execution?

No, except if you use the nCipher engine.  That one seems to require
thread support at all times, at least last I got a report on that
issue.

mgf> 
mgf> 2. I am developing an application that uses openSSL under
mgf>    Windows. Visual Studio .NET complained about memory leaks,
mgf>    when all I had done was 
mgf> 
mgf>    SSL_library_init();
mgf> 
mgf>    I reported this to the openssl folks, and got the following
mgf>    response:
mgf> 
mgf>       That's normal.  What happens is that a table of error
mgf>       information, an object database and a few other things are
mgf>       being built up.  Since you're not calling any cleanup
mgf>       stuff, you end up with a "leak". 
mgf> 
mgf>       This is not a bug, at least not in OpenSSL.
mgf> 
mgf>    My question is, what "cleanup stuff" do I need to call to free
mgf>    up resources claimed by SSL_library_init()?  I know that after
mgf>    SSL_CTX_new() I need SSL_CTX_free() to free resources
mgf>    associated with the "context", but are there any other freeing
mgf>    functions I should know about?

There should really be a SSL_library_clean(), but there isn't.  The
function you're looking for is EVP_cleanup().

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to