nginx start and stop has issue for openssl engine

Zhangfei Gao zhangfei.gao at
Thu Apr 21 10:15:23 UTC 2022


I am using openssl engine with nginx.
openssl: OpenSSL_1_1_1f

If the engine does not include rsa, everythings works well

If the engine retister rsa, even the empty
ENGINE_set_destroy_function(e, destroy_fn);
ENGINE_set_RSA(e, RSA_meth_new("rsa method", 0));

destroy_fn will NOT be called in nginx start and nginx -s quit.

Have some debug
If has rsa, engine_free_util e->struct_ref > 0, so not call e->destroy(e).

    fnd = lh_ENGINE_PILE_retrieve(&(*table)->piles, &tmplate);
    if (!fnd)
        goto end;
    if (fnd->funct && engine_unlocked_init(fnd->funct)) {

If no rsa, engine_table_select funciton goto end.
If rsa, engine_table_select call engine_unlocked_init, ref++, for two times.
So at last,  e->destroy(e will not be called in engine_free_util.

Has anyone seen this issue?


More information about the openssl-users mailing list