[openssl-dev] OpenSSL version 1.1.0 pre release 3 published
David Woodhouse
dwmw2 at infradead.org
Tue Feb 16 16:17:02 UTC 2016
On Mon, 2016-02-15 at 22:17 +0000, Matt Caswell wrote:
>
> Maybe EVP_cleanup() and other similar explicit deinit functions should
> be deprecated, and do nothing in 1.1.0? The auto-deinit capability
> should handle it. That way you would not need to do anything "special"
> for 1.1.0 with "#ifdef" etc. What do you think?
>
> If applications *must* do explicit cleanup they can always use the new
> OPENSSL_cleanup() function (which is clear in the docs that you cannot
> reinit afterwards).
What about libraries?
If a library (or loadable plugin within an application) uses OpenSSL,
how should it clean up after itself?
It has no control over, and no visibility into, whether another library
or the application itself might subsequently use OpenSSL again.
Any cleanup function which, as a side-effect, means that nobody can
ever use OpenSSL for the remainder of the lifetime of the running
process, seems entirely broken.
--
David Woodhouse Open Source Technology Centre
David.Woodhouse at intel.com Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5691 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160216/051aab65/attachment-0001.bin>
More information about the openssl-dev
mailing list