[openssl-dev] OpenSSL version 1.1.0 pre release 3 published
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Feb 16 23:11:15 UTC 2016
On Tue, Feb 16, 2016 at 11:06:32PM +0000, Howard Chu wrote:
> >I[t] must do nothing. That's what auto-initialization is for. It is
> >wrong for libraries to initialize OpenSSL, because that can't be
> >done safely. So in libraries that use OpenSSL, no OpenSSL initialization,
> >and no cleanup.
>
> I like this direction, but is it actually stable? There are programs out
> there that dynamically load and then unload modules repeatedly thru their
> life. We see libldap getting loaded and unloaded this way a lot, and that
> naturally means libssl/libcrypto go along for the ride too.
Nico Williams has some cool ideas for keeping a library from getting
unloaded, but regardless deinitialization is only for the application,
and only really to appease valgrind and the like.
De-initialization is not intended to happen when the library gets
unloaded, Nico assures me that there's no safe way to do that, and
the only safe thing to do when a library is unloaded is to leak!
However, we may be able to arrange for the library to never be
unloaded once it is loaded and initialized.
--
Viktor.
More information about the openssl-dev
mailing list