Initialization and cleanup in 1.1.0f

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Initialization and cleanup in 1.1.0f

kenh
I'm using OpenSSL 1.1.0f in a client application. My implementation is using
up memory like crazy, so I must not be doing something right.

I read that 1.1.0 no longer needs explicit library initialization, so I've
take out the one-time calls (like SSL_library_init() and
SSL_load_error_strings()).

I create an SSL_CTX object and an SSL object for each communication I have
to do. The connections may use different certificate/key files so I create
and destroy these objects for each connection (I'm using non-blocking
sockets on a Windows platform).

Having tried numerous variations, I'm currently using this code to create
the objects:

        const SSL_METHOD* meth = SSLv23_method();
        ssl_ctx = SSL_CTX_new(meth);
        SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, nullptr);
        SSL_CTX_set_quiet_shutdown(ssl_ctx, 1); // non-standard.
        SSL_CTX_sess_set_cache_size(ssl_ctx, 1);  // no longer needed after adding
next line (?)
        SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF);

        // setup certificate file, private key file, password, etc.
        SetupContext(info);

        ssl = SSL_new(ssl_ctx);
        bio[BIO_SEND] = BIO_new(BIO_s_mem());
        bio[BIO_RECV] = BIO_new(BIO_s_mem());
        SSL_set_bio(ssl, bio[BIO_RECV], bio[BIO_SEND]);


and the clean up at the end of the communication is done this way:

        if ( nullptr != ssl )
        {
                SSL_shutdown(ssl);
                SSL_CTX_free(ssl_ctx);
                SSL_free(ssl); // free's the two bio buffers associated with it.
                ssl = nullptr;
        }

What am I missing?

Thanks.



--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-Dev-f29372.html
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev