[openssl-users] Proper cleanup functions being called?

Michel SALES michel.sales at OnLine.fr
Thu Jan 22 12:07:57 UTC 2015 

1)  Am I correct that I only need to call the SSL_library_init(); and SSL_load_error_strings();  once at the beginning of the program , and not at the beginning of each thread?



Yes

 

2)  Should I be doing any other cleanup functions within the threads?



Yes, ERR_remove_state()


Should I be doing any other cleanup operations ?

 

Probably some of (before exiting main thread only) :

    EVP_cleanup();

    ERR_free_strings();

    CRYPTO_cleanup_all_ex_data();

    ENGINE_cleanup();

    CONF_modules_unload( 1 );

    CONF_modules_free();

    sk_SSL_COMP_free( SSL_COMP_get_compression_methods());

    RAND_cleanup();    

 

Hope it helps,

 

Michel.

 

De : openssl-users [mailto:openssl-users-bounces at openssl.org] De la part de Avery A. Tarasov
Envoyé : jeudi 22 janvier 2015 06:36
À : openssl-users at openssl.org
Objet : [openssl-users] Proper cleanup functions being called?

 

Hi All,

I am using OpenSSL 1.0.1l   in Win32 environment.  At the beginning of my program I call

    SSL_library_init();
    SSL_load_error_strings();

Those functions are only called once.

Then I have 3 threads which can't possibly be run at the same time due to mutexes I'm setting with WaitForSingleObject and ReleaseMutex.  Those 3 threads use these functions below and all variables in those threads are local to the threads (e.g. no globals).

SSL_CTX_new
SSL_CTX_set_verify
SSL_CTX_set_cert_verify_callback
BIO_new_connect
BIO_do_connect
SSL_new
SSL_set_bio
SSL_get_peer_certificate
SSL_write
SSL_read
SSL_get_error


(cleanup functions.. if conditions used to prevent double frees, etc.)
X509_free
SSL_shutdown
SSL_free
BIO_free
SSL_CTX_free




My questions are the following:

1)  Am I correct that I only need to call the SSL_library_init(); and SSL_load_error_strings();  once at the beginning of the program , and not at the beginning of each thread?
2)  Should I be doing any other cleanup functions within the threads?

My program appears to work perfectly but a tool is complaining about memory leaks in _CRYPTO_malloc, _asn1_enc_save,  _asn1_item_ex_d2i, _d2i_X509

Handle leaks

_shmem_winpthreads_grab
_pthread_register_pointer

In fact I get memory leaks reported if I just do    SSL_library_init(); alone

Despite the reports of the leaks my program seems to run fine for days and stay consistent in memory used.  But I'm feeling paranoid something just isn't quite right.

Should I be doing any other cleanup operations?

Thanks for the assistance.

Best Regards,

-Avery T.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150122/dfd53c67/attachment-0001.html>

More information about the openssl-users mailing list