Always call OPENSSL_cleanup prior to exit #22544
Conversation
If an engine is loaded during the course of operations, and if that engine is written in C++, the data in that library will be deleted using an atexit handler prior to the execution of openssl's atexit handler, causing memory corruption/segfaults/unpredictable behavior. The only way to avoid that is to release any reference we have to that data prior to exit, which means calling OPENSSL_cleanup prior to exit. This patch enforces that behavior for all openssl utilities Fixes openssl#22508
|
Shouldn't we also alter the |
|
hmm, possibly, but I think we're safe one way or the other here. If we call OPENSSL_cleanup immediately prior to exit, then the 2nd call to OPENSSL_cleanup from the atexit handler should reduce to a noop (as the stopped variable will be set to 1). We certainly could call OPENSSL_init_ssl in or prior to apps_startup, with OPENSSL_INIT_NO_ATEXIT, and that would arguably be more correct, but I don't think it will affect the behavior. |
|
note: there are lots of |
|
|
|
IMO this is not a fix but a workaround and it should not be applied as it just papers over the problem for the openssl application. But any third party application would have to be changed the same way and that is unacceptable. |
|
This is a significant change in direction. Ever since 1.1.0 we have always said that applications do not need to explicitly call |
|
@mattcaswell agreed. Let's figure out a solution properly rather than rushing into something. |
If an engine is loaded during the course of operations, and if that engine is written in C++, the data in that library will be deleted using an atexit handler prior to the execution of openssl's atexit handler, causing memory corruption/segfaults/unpredictable behavior. The only way to avoid that is to release any reference we have to that data prior to exit, which means calling OPENSSL_cleanup prior to exit. This patch enforces that behavior for all openssl utilities
Fixes #22508