<div><blockquote type="cite" style="color:rgb(49,49,49);word-spacing:1px"><div style="font-size:12.8px" dir="auto"><div style="font-size:0.800000011920929rem" dir="auto">I am only worried about the following line. </div><div style="font-size:0.800000011920929rem" dir="auto"><br></div><div style="font-size:0.800000011920929rem">SSL_CTX_use_certificate(ctx, cert)</div><div style="font-size:0.800000011920929rem" dir="auto"><br></div><div style="font-size:0.800000011920929rem" dir="auto">After this line is it safe to free cert object while ctx is still used later on?</div><div style="font-size:0.800000011920929rem" dir="auto"><br></div><div style="font-size:0.800000011920929rem" dir="auto">Thanks </div><div style="font-size:0.800000011920929rem" dir="auto">Adi</div></div></blockquote><div class="gmail_quote"><div>On Tue, Oct 17, 2017 at 9:21 AM Benjamin Kaduk <<a href="mailto:bkaduk@akamai.com">bkaduk@akamai.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<tt>You only asked about freeing the X509, which is safe in this
situation.<br>
<br>
It is not safe to free the SSL_CTX if you want to use it again
later -- remove this SSL_CTX_free(ctx) call and put one in your program's
cleanup instead.<br>
<br>
-Ben<br>
</tt></div><div text="#000000" bgcolor="#FFFFFF"><br>
<div class="m_7723176224138030933moz-cite-prefix">On 10/17/2017 11:08 AM, Adi
Mallikarjuna Reddy V wrote:<br>
</div>
<blockquote type="cite">
<div>
<div dir="auto">Forgot to mention that the ssl_ctx is going to
be used by another thread later. When I do x509_free, the
handshake doesn’t finish.</div>
<div dir="auto"><br>
</div>
<div dir="auto">I see a crash in ssl_accept.</div>
<div dir="auto"><br>
</div>
<div dir="auto">Thanks </div>
<div dir="auto">Adi</div>
<br>
<div class="gmail_quote">
<div>On Tue, Oct 17, 2017 at 8:41 AM Benjamin Kaduk <<a href="mailto:bkaduk@akamai.com" target="_blank">bkaduk@akamai.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"> On 10/17/2017 08:39
AM, Adi Mallikarjuna Reddy V wrote:<br>
<blockquote type="cite">
<div><span style="font-size:12.8px">Hi,</span>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">If I have an X509 object
and is created using PEM_read_bio_X509_AUX(), then
Can I free X509 right after the completion
of PEM_read_bio_X509_AUX()?</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">
<div> BIO *cert_bio =
BIO_new(BIO_s_mem());</div>
<div> X509 *cert =
X509_new();</div>
<div>
BIO_puts(cert_bio, cert_str.c_str());</div>
<div> cert =
PEM_read_bio_X509_AUX(cert_bio, &cert, NULL,
NULL);</div>
<div> if ( (cert !=
NULL) && SSL_CTX_use_certificate(ctx,
cert) < 1) {</div>
<div>
SSL_CTX_free(ctx);</div>
</div>
</div>
</blockquote>
<br>
</div>
<div text="#000000" bgcolor="#FFFFFF"> Yes.<br>
<br>
-Ben</div>
<div text="#000000" bgcolor="#FFFFFF"><br>
<br>
<blockquote type="cite">
<div>
<div style="font-size:12.8px">
<div> return
NULL;</div>
<div> }</div>
<div> </div>
<div> if(cert_bio
!=NULL) {</div>
<div>
BIO_free(cert_bio);</div>
<div> }</div>
<div> if(cert !=
NULL) {</div>
<div>
X509_free(cert); //is it needed?</div>
<div> }</div>
</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px"><br>
</div>
<div style="font-size:12.8px">Thanks</div>
<div style="font-size:12.8px">Adi</div>
</div>
<br>
<fieldset class="m_7723176224138030933m_7406849727341148149mimeAttachmentHeader"></fieldset>
<br>
</blockquote>
<br>
</div>
</blockquote>
</div>
</div>
<div>-- <br>
</div>
<div class="m_7723176224138030933gmail_signature" data-smartmail="gmail_signature">Sent
from Mobile</div>
</blockquote>
<br>
</div></blockquote></div></div><div dir="ltr">-- <br></div><div class="gmail_signature" data-smartmail="gmail_signature">Sent from Mobile</div>