[openssl-users] Openssl static build linked in DLL does not unload on win32
Matt Caswell
matt at openssl.org
Thu Jan 5 10:53:45 UTC 2017
On 04/01/17 23:11, Dan Heinz wrote:
> Using openssl 1.1.0c.
>
> I have a test application that is a win32 console app that calls a win32
> DLL which has the openssl libraries linked in statically.
>
> The test applications uses late-binding to the DLL and calls LoadLibrary
> for the DLL, one test function in the DLL, and then FreeLibrary on the DLL.
>
>
>
> The test function in the DLL does the following:
>
> RSA*rsa = NULL;
>
> rsa = RSA_new();
>
> RSA_free(rsa);
>
> OPENSSL_thread_stop();
>
> OPENSSL_cleanup();
>
> return0;
>
> When FreeLibrary is called on the DLL, dllmain in never called with any
> messages. A subsequent call to LoadLibrary also fails to call dllmain
> and when the test function is called RSA_new() fails. This leads me to
> believe the DLL is never freed.
>
> I have tried building openssl with and without no-threads with the same
> results. My build parameters are:
> perl Configure *%TEMP_ARCHITECTURE%*
> --prefix=*%RootPath_ThirdParty%*\*%OPENSSL_VERSION%* -DPURIFY
> -DOPENSSL_NO_COMP -D_USING_V110_SDK71_ no-shared no-threads no-asm
> no-idea no-mdc2 no-rc5 no-ssl3 no-zlib no-comp
>
> What am I missing?
OpenSSL does its cleanup at *process* exit. Don't call OPENSSL_cleanup()
explicitly - this is discouraged.
>From this manpage:
https://www.openssl.org/docs/man1.1.0/crypto/OPENSSL_init_crypto.html
"Typically there should be no need to call this function directly as it
is initiated automatically on application exit...<snip>...
Once OPENSSL_cleanup() has been called the library cannot be reinitialised."
This last sentence is the reason why RSA_new() will fail after you have
previously called OPENSSL_cleanup().
Because cleanup happens on process exit, OpenSSL will keep itself in
memory until that time (otherwise crashes will occur because the cleanup
routines have been unloaded).
If you want to dynamically load and unload your DLL then don't
statically link it to OpenSSL - otherwise OpenSSL will keep your DLL
around until process exit too.
Matt
More information about the openssl-users
mailing list