[openssl-users] Initialising OpenSSL more than once - how do we handle this?

Viktor Dukhovni openssl-users at dukhovni.org
Mon Jul 30 14:02:16 UTC 2018



> On Jul 30, 2018, at 8:26 AM, Graham Leggett <minfrin at sharp.fm> wrote:
> 
> Should they suppress attempts to unload mod_ssl, apr_crypto_openssl, libpq, libldap, etc if we know for sure that openssl < 1.1.0 is linked to them?

My recommendation is never unload a library once loaded.
I don't see the point, unloading and reloading on demand
risks crashes and memory leaks.  Others may disagree, but
I prefer to not assume that unloading is safe.

In OpenSSL 1.1.0, we try to do our best to make it safe,
but some one-time static allocations will still leak and
crash safety is likely platform-specific.

-- 
	Viktor.



More information about the openssl-users mailing list