httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <>
Subject Re: Using UPN from subjectAltName with SSLUserName
Date Mon, 13 Jul 2015 14:03:10 GMT
On Sat, Jul 11, 2015 at 04:40:20PM +0200, Kaspar Brand wrote:
> @@ -1902,5 +1907,7 @@ apr_status_t ssl_init_ModuleKill(void *data)
>      free_dh_params();
> +    OBJ_cleanup();
> +
>      return APR_SUCCESS;

>From being burnt previously three or four times, I get scared by OpenSSL 
process global stuff.

Have you worked out that it's safe to do that call there?  It looks odd 
to do that there rather than alongside other global cleanups in 
ssl_cleanup_pre_config, so it's at least worth a comment if you really 
want this here.

There is some complicated interaction between EVP_cleanup() and 
OBJ_cleanup() which I haven't tried to decipher, but it looks like 
EVP_cleanup() will actually do the cleanup call?

Regards, Joe

View raw message