[openssl-users] SSL_shutdown:shutdown while in init

Matt Caswell matt at openssl.org
Wed Oct 18 09:14:53 UTC 2017

On 17/10/17 21:27, Chris Bare wrote:
> I have the following code:
> setup_ssl (char *server_name, char *port, SSL_CTX *ctx)
> {
>     BIO *output = BIO_new_ssl_connect (ctx);
>     if (!output)
>     {
>         return (NULL);
>     }
>     BIO_get_ssl (output, &ssl);
>     SSL_set_mode (ssl, SSL_MODE_AUTO_RETRY);
>     SSL_set_verify (ssl, true, NULL);
>     BIO_set_conn_hostname (output, server_name);
>     BIO_set_conn_port(output, port);
>     if (BIO_do_connect (output) <= 0)
>     {
>         BIO_free (output);
>         return (NULL);
>     }
> }
> If the server I'm trying to connect to does not have ssl enabled, I get
> the error:
> SSL23_GET_SERVER_HELLO:unknown protocol
> and BIO_do_connect fails as expected, but BIO_free gives this error:
> SSL_shutdown:shutdown while in init

Hmmm...that looks like an OpenSSL bug to me. It should not call
SSL_shutdown() if we are still in init. I raised this issue:


> If I don't free it, I have a memory leak.
> Is there something else I need to do to clean up the BIO?

As a workaround for this I think you can just ignore the error. From
code inspection it looks to me like it should go ahead and free
everything anyway.


More information about the openssl-users mailing list