Thank you for that hint.
I will try to rebuild the class as a singleton. This could help, but isn't
really nice.

Best regards

Frank

> Wockenfuß wrote:
> > Hi all,
> > 
> > I have written a class in C++ to easily access functions from
> > OpenSSL from our products.
> > In the constructor of my class I do the following lines of code:
> > 
> >     threadSetup();
> > 
> >     OpenSSL_add_all_digests();
> >     OpenSSL_add_all_ciphers();
> >     OpenSSL_add_all_algorithms();
> >     
> >     ERR_load_PKCS7_strings();
> >     ERR_load_X509_strings();
> >     ERR_load_crypto_strings();
> >     ERR_load_ERR_strings();
> > 
> >     RAND_seed( rnd_seed, sizeof(rnd_seed) );
> > 
> >     ENGINE_load_builtin_engines();
> > 
> > In the destructor I do the following:
> > 
> >     ENGINE_cleanup();
> >     RAND_cleanup();
> >     CRYPTO_cleanup_all_ex_data();
> >     ERR_free_strings();
> >     threadCleanUp();
> > 
> > This leads to a memory leak, because of the
> > OpenSSL_add_all_...-functions in the constructor. In the online
> > manual I've read that I need to call
> > 
> >     EVP_cleanup();
> > 
> > in the destructor too. So if I do this all memory leaks are gone,
> > but the function
> > 
> >     X509_verify_cert()
> > 
> > fails with the error 'certificate signature failure'.
> > If I remove the EVP_cleanup() from the destructor the function
> > works as fine as it should work.
> > 
> > Could anyone please give me a hint what could be wrong?
> > The destructor is called at least once before the constructor is
> > called again and X509_verify_cert is called.
> > 
> 
> Ideally these steps should be done once per program 
> life-time; constructor steps at start-up, destructor steps at 
> program exit (say in an environment where the OS doesn't 
> clean up the program's memory).
> 
> Doing it per-object creation is unnecessary and error prone 
> (as may be the case here). I believe it should be possible to 
> do it once per program lifetime without changing your C++ 
> class too much.
> 
> -jb
> --
> Real computer scientists don't comment their code.  The 
> identifiers are so long they can't afford the disk space.
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           [EMAIL PROTECTED]
> 
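One way to apply the advice in the quoted reply while keeping the wrapper class, as an added example that is not code from the thread: the global steps move behind a run-once guard and teardown is registered for program exit. `CryptoRuntime`, `CryptoWrapper`, `libraryInit` and `libraryCleanup` are hypothetical names; the last two are stand-ins for the OpenSSL calls listed in the post, so the example runs without linking OpenSSL.

```cpp
#include <cstdlib>

// Hypothetical stand-ins for the library calls quoted in the thread.
// The counters record how often each side actually executes.
static int g_init_calls = 0;
static int g_cleanup_calls = 0;

static void libraryInit() {
    // Constructor steps from the post go here: threadSetup(),
    // OpenSSL_add_all_algorithms(), ERR_load_crypto_strings(), RAND_seed(), ...
    ++g_init_calls;
}

static void libraryCleanup() {
    // Destructor steps from the post go here, EVP_cleanup() included.
    ++g_cleanup_calls;
}

// Process-wide guard: the first caller initializes, later calls do nothing.
class CryptoRuntime {
public:
    static void ensureInitialized() {
        // A function-local static is initialized exactly once; since C++11
        // that initialization is also thread-safe.
        static const bool done = [] {
            libraryInit();
            std::atexit(libraryCleanup);  // tear down only at program exit
            return true;
        }();
        (void)done;
    }
};

// The wrapper keeps its public shape; only the global steps moved out.
class CryptoWrapper {
public:
    CryptoWrapper() { CryptoRuntime::ensureInitialized(); }
    ~CryptoWrapper() {}  // per-object cleanup only, no library teardown
};

// Create and destroy n wrappers in sequence; returns total init calls so far.
int simulateObjectLifetimes(int n) {
    for (int i = 0; i < n; ++i) { CryptoWrapper w; (void)w; }
    return g_init_calls;
}

int cleanupCallsSoFar() { return g_cleanup_calls; }

int main() { return simulateObjectLifetimes(3) == 1 ? 0 : 1; }
```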