Manual Shutdown of OpenSSL 1.1.x library

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Manual Shutdown of OpenSSL 1.1.x library

Dan Heinz
Is there currently a way to manually shutdown the OpenSSL library?
 
We have a DLL that statically links OpenSSL.  Our DLL gets loaded and unloaded multiple times by a process (not our process), and we need to release OpenSSL each time.  This was not possible with OpenSSL 1.1 as of September 2017 as the process's atexit is where it gets released which will not be called after a FreeLibrary() call on our DLL.  Has this been revisited?  If there now a way to manually release OpenSSL, or are there any plans to add this ability?
 
Here is a link to our original post and discussion from January 2017:
https://www.mail-archive.com/openssl-users@.../msg80781.html
 
From the previous post, something like this would address the issue: "I'm wondering whether an option to override the default behavior might be possible, e.g. an explicit call to OPENSSL_init_crypto() with something like an OPENSSL_INIT_NO_ATEXIT_CLEANUP option. The application would then have to call OPENSSL_cleanup() explicitly."

 

 


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: Manual Shutdown of OpenSSL 1.1.x library

Matt Caswell-2


On 11/10/18 21:56, Dan Heinz wrote:

> Is there currently a way to manually shutdown the OpenSSL library?
>
>
>
> We have a DLL that statically links OpenSSL.  Our DLL gets loaded and
> unloaded multiple times by a process (not our process), and we need
> to release OpenSSL each time.  This was not possible with OpenSSL 1.1
> as of September 2017 as the process's atexit is where it gets
> released which will not be called after a FreeLibrary() call on our
> DLL.  Has this been revisited?  If there now a way to manually
> release OpenSSL, or are there any plans to add this ability?
>
>
>
> Here is a link to our original post and discussion from January
> 2017:
>
> https://www.mail-archive.com/openssl-users@.../msg80781.html
>
>
>
> From the previous post, something like this would address the issue:
> "I'm wondering whether an option to override the default behavior
> might be possible, e.g. an explicit call to OPENSSL_init_crypto()
> with something like an OPENSSL_INIT_NO_ATEXIT_CLEANUP option. The
> application would then have to call OPENSSL_cleanup() explicitly."

No such option exists for currently supported OpenSSL versions. It could
be added to a future version fairly simply:

https://github.com/openssl/openssl/pull/7388

Matt

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users