Wockenfuß wrote:
Hi all,

I have written a class in C++ to easily access functions from OpenSSL from our products.
In the constructor of my class I do the following lines of code:

        threadSetup();

        OpenSSL_add_all_digests();
        OpenSSL_add_all_ciphers();
        OpenSSL_add_all_algorithms();
        
        ERR_load_PKCS7_strings();
        ERR_load_X509_strings();
        ERR_load_crypto_strings();
        ERR_load_ERR_strings();

        RAND_seed( rnd_seed, sizeof(rnd_seed) );

        ENGINE_load_builtin_engines();

In the destructor I do the following:

        ENGINE_cleanup();
        RAND_cleanup();
        CRYPTO_cleanup_all_ex_data();
        ERR_free_strings();
        threadCleanUp();

This leads to a memory leak, because of the OpenSSL_add_all_...-functions in the constructor. In the online manual I've read that I need to call
        EVP_cleanup();

in the destructor too. So if I do this, all memory leaks are gone, but the function

        X509_verify_cert()

fails with the error 'certificate signature failure'.
If I remove the EVP_cleanup() from the destructor, the function works as well as it should.

Could anyone please give me a hint as to what could be wrong?
The destructor is called at least once before the constructor is called again and X509_verify_cert is called.


Ideally these steps should be done once per program life-time; constructor steps at start-up, destructor steps at program exit (say in an environment where the OS doesn't clean up the program's memory).

Doing it per-object creation is unnecessary and error prone (as may be the case here). I believe it should be possible to do it once per program lifetime without changing your C++ class too much.

-jb
--
Real computer scientists don't comment their code.  The identifiers are
so long they can't afford the disk space.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]
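One way to arrange the once-per-program lifetime suggested in the reply, as an added example that is not code from either poster or from OpenSSL. The names CryptoLifetime and SslWrapper are hypothetical, and the start-up and teardown steps are passed in as callables so the sketch compiles without OpenSSL headers.

```cpp
#include <atomic>
#include <functional>
#include <mutex>
#include <utility>

// Process-wide guard: runs the library start-up steps once, however many
// wrapper objects are built, and the teardown steps once at program exit.
class CryptoLifetime {
public:
    using Hook = std::function<void()>;

    // Install the steps before the first wrapper exists. In the thread, init
    // would hold the constructor calls and cleanup the destructor calls.
    static void configure(Hook init, Hook cleanup) {
        state().init = std::move(init);
        state().cleanup = std::move(cleanup);
    }

    // Called from every wrapper constructor; only the first call does work.
    static void ensure_initialized() {
        State& s = state();
        std::call_once(s.once, [&s] {
            if (s.init) s.init();
            s.live = true;
        });
    }

    // Called at program exit; repeat calls are harmless and nothing re-inits.
    static void shutdown() {
        State& s = state();
        if (!s.live.exchange(false)) return;  // never started or already done
        if (s.cleanup) s.cleanup();
    }

private:
    struct State {
        std::once_flag once;
        Hook init, cleanup;
        std::atomic<bool> live{false};
    };
    static State& state() { static State s; return s; }
};

// Hypothetical wrapper standing in for the poster's class.
class SslWrapper {
public:
    SslWrapper() { CryptoLifetime::ensure_initialized(); }
    ~SslWrapper() = default;  // no global library cleanup per object
};
```

The program would call CryptoLifetime::configure() early in main and CryptoLifetime::shutdown() as its last step, or register shutdown with std::atexit.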