I am using a BIO pair under SSL and a BIO above SSL to handle asynchronous traffic that is delivered to me on a non-standard system.
IOW, I get data callbacks that I push to the BIOs under the SSL session, check for responses under the SSL session, and handle the decrypted traffic via the BIO above the SSL session. It works very well, except when I try to free the SSL sessions at the end of a connection. I'm calling BIO_free_all() on the BIO that wraps the SSL session, and expect it to free the SSL session and underlying BIOs. It appears to as if I try to free them separately, I get the expected duplicate free() errors. MALLOC_TRACE turned on shows per-connection leaks in libcrypto, (in particular, what appear to be 4k buffers, and lots of little bits as well) but I can't track them down. I'm open to ideas.
