[openssl-users] Initialising OpenSSL more than once - how do we handle this?
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Jul 30 14:02:16 UTC 2018
> On Jul 30, 2018, at 8:26 AM, Graham Leggett <minfrin at sharp.fm> wrote:
>
> Should they suppress attempts to unload mod_ssl, apr_crypto_openssl, libpq, libldap, etc if we know for sure that openssl < 1.1.0 is linked to them?
My recommendation is never unload a library once loaded.
I don't see the point, unloading and reloading on demand
risks crashes and memory leaks. Others may disagree, but
I prefer to not assume that unloading is safe.
In OpenSSL 1.1.0, we try to do our best to make it safe,
but some one-time static allocations will still leak and
crash safety is likely platform-specific.
--
Viktor.
More information about the openssl-users
mailing list