[openssl-dev] OpenSSL version 1.1.0 pre release 3 published

Matt Caswell matt at openssl.org
Tue Feb 16 16:58:18 UTC 2016



On 16/02/16 16:17, David Woodhouse wrote:
> On Mon, 2016-02-15 at 22:17 +0000, Matt Caswell wrote:
>>
>> Maybe EVP_cleanup() and other similar explicit deinit functions should
>> be deprecated, and do nothing in 1.1.0? The auto-deinit capability
>> should handle it. That way you would not need to do anything "special"
>> for 1.1.0 with "#ifdef" etc. What do you think?
>>
>> If applications *must* do explicit cleanup they can always use the new
>> OPENSSL_cleanup() function (which is clear in the docs that you cannot
>> reinit afterwards).
> 
> What about libraries?
> 
> If a library (or loadable plugin within an application) uses OpenSSL,
> how should it clean up after itself?
> 
> It has no control over, and no visibility into, whether another library
> or the application itself might subsequently use OpenSSL again.
> 
> Any cleanup function which, as a side-effect, means that nobody can
> ever use OpenSSL for the remainder of the lifetime of the running
> process, seems entirely broken.
> 

The whole concept of a library cleaning up is broken. If a library
de-inits OpenSSL it cannot know if the application has finished using it
or not.

This is explicitly pointed out in the docs:

"The OPENSSL_cleanup() function deinitialises OpenSSL (both libcrypto
and libssl). All resources allocated by OpenSSL are freed. Typically
there should be no need to call this function directly as it is
initiated automatically on application exit. This is done via the
standard C library atexit function. In the event that the application
will close in a manner that will not call the registered atexit()
handlers then the application should call OPENSSL_cleanup() directly.
Developers of libraries using OpenSSL are discouraged from calling this
function and should instead, typically, rely on auto-deinitialisation.
This is to avoid error conditions where both an application and a
library it depends on both use OpenSSL, and the library deinitialises it
before the application has finished using it."

i.e. libraries should not explicitly deinit.

Matt
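
The failure mode discussed above, as an added self-contained C model (not code from this thread or from OpenSSL): `struct proc`, the `toy_*` functions and `scenario` are hypothetical stand-ins, and one struct represents one process's library state so that both cases can run in a single program.

```c
/* Added model, not OpenSSL code: every toy_* name here is hypothetical. */
#include <stdlib.h>

enum state { UNINIT, READY, STOPPED };   /* STOPPED is final: no re-init */

/* One struct stands for one process's copy of the shared library state. */
struct proc { enum state st; int *table; int exit_hook; };

/* Lazy init on first use; also arms the auto-deinit hook (atexit stand-in). */
static int toy_init(struct proc *p) {
    if (p->st == STOPPED) return 0;      /* already cleaned up: stays dead */
    if (p->st == READY) return 1;
    if (!(p->table = calloc(16, sizeof *p->table))) return 0;
    p->st = READY; p->exit_hook = 1;
    return 1;
}

/* Stand-in for a one-way global cleanup in the style of OPENSSL_cleanup(). */
static void toy_cleanup(struct proc *p) {
    free(p->table); p->table = NULL;
    p->st = STOPPED;
}

/* Any library call: 0 on success, -1 once the library has been torn down. */
static int toy_digest(struct proc *p, const char *msg, unsigned *out) {
    unsigned h = 5381;
    if (!toy_init(p)) return -1;
    while (*msg) h = h * 33 + (unsigned char)*msg++;
    p->table[h % 16]++;
    *out = h;
    return 0;
}

/* Process exit: the armed hook frees global state if nobody did so earlier. */
static void proc_exit(struct proc *p) {
    if (p->exit_hook && p->st == READY) toy_cleanup(p);
}

/* App and plugin share the library; the plugin unloads; the app carries on.
 * Returns 1 if the app's later call works, 0 if it fails, -1 on setup error.
 * *freed reports whether global state was released by the time of exit. */
int scenario(int plugin_calls_global_cleanup, int *freed) {
    struct proc p = { UNINIT, NULL, 0 };
    unsigned app_h, *own = malloc(sizeof *own);        /* plugin-owned object */
    int ok;
    if (!own || toy_digest(&p, "app", &app_h) || toy_digest(&p, "plugin", own)) {
        free(own); proc_exit(&p); return -1;
    }
    free(own);                                /* correct: free own objects only */
    if (plugin_calls_global_cleanup) toy_cleanup(&p);  /* the step to avoid */
    ok = toy_digest(&p, "app again", &app_h) == 0;
    proc_exit(&p);
    *freed = (p.table == NULL);
    return ok;
}
```

In both cases the global state ends up freed; only the variant where the plugin skips the global cleanup leaves the library usable for the application's later call.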

