[openssl-dev] OpenSSL version 1.1.0 pre release 3 published
Howard Chu
hyc at highlandsun.com
Tue Feb 16 23:06:32 UTC 2016
Viktor Dukhovni wrote:
>
>> On Feb 16, 2016, at 11:17 AM, David Woodhouse <dwmw2 at infradead.org> wrote:
>>
>> If a library (or loadable plugin within an application) uses OpenSSL,
>> how should it clean up after itself?
>
> I must do nothing. That's what auto-initialization is for. It is
> wrong for libraries to initialize OpenSSL, because that can't be
> done safely. So in libraries that use OpenSSL, no OpenSSL initialization,
> and no cleanup.
>
I like this direction, but is it actually stable? There are programs out there
that dynamically load and then unload modules repeatedly thru their life. We
see libldap getting loaded and unloaded this way a lot, and that naturally
means libssl/libcrypto go along for the ride too.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the openssl-dev
mailing list