[openssl-dev] Initialization and cleanup in 1.1.0f

kenh khalprin at autosoln.com
Fri Nov 17 16:40:06 UTC 2017


I'm using OpenSSL 1.1.0f in a client application. My implementation is using
up memory like crazy, so I must not be doing something right.

I read that 1.1.0 no longer needs explicit library initialization, so I've
taken out the one-time calls (like SSL_library_init() and
SSL_load_error_strings()).

I create an SSL_CTX object and an SSL object for each communication I have
to do. The connections may use different certificate/key files so I create
and destroy these objects for each connection (I'm using non-blocking
sockets on a Windows platform).

Having tried numerous variations, I'm currently using this code to create
the objects:

	const SSL_METHOD* meth = SSLv23_method();
	ssl_ctx = SSL_CTX_new(meth);
	SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, nullptr);
	SSL_CTX_set_quiet_shutdown(ssl_ctx, 1);	// non-standard.
	SSL_CTX_sess_set_cache_size(ssl_ctx, 1);  // no longer needed after adding next line (?)
	SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF);

	// setup certificate file, private key file, password, etc.
	SetupContext(info);

	ssl = SSL_new(ssl_ctx);
	bio[BIO_SEND] = BIO_new(BIO_s_mem());
	bio[BIO_RECV] = BIO_new(BIO_s_mem());
	SSL_set_bio(ssl, bio[BIO_RECV], bio[BIO_SEND]);


and the clean up at the end of the communication is done this way:

	if ( nullptr != ssl )
	{
		SSL_shutdown(ssl);
		SSL_CTX_free(ssl_ctx);
		SSL_free(ssl);	// frees the two bio buffers associated with it.
		ssl = nullptr;
	}

What am I missing?

Thanks.



--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-Dev-f29372.html

