Hi Matt,

> On 16.04.2020 at 16:29, Matt Caswell <m...@openssl.org> wrote:
>
> On 16/04/2020 14:42, Harald Koch wrote:
>> Hello list,
>>
>> I have a TLS server which is started on demand in a multithreaded (pthread)
>> application. The TLS server is one thread which is being started and
>> stopped. At first start, the TLS server initialized with SSL_CTX_new with
>> TLS_server_method works as expected, after cleaning up, eliminating the
>> thread and starting it again at a later time in the same process,
>> SSL_CTX_new returns NULL. I’ve been digging deeper into the initialization
>> code, and found out that in crypto/threads_pthread.c, function
>
> What does your clean up code look like? Are you taking specific steps to
> cleanup OpenSSL and if so what are they?

I’m checking if my actually used SSL and CTX are up, and if so, clean them up before thread killing:

    if(ssl != NULL) { // assigned by SSL_new before
        SSL_free(ssl);
        ssl = NULL;
    }
    /* Free the SSL_CTX structure */
    if(ctx != NULL) { // assigned by SSL_CTX_new before
        SSL_CTX_free(ctx);
        ctx = NULL;
    }

No other OpenSSL-specific cleanup functions are called. The functions documented in https://wiki.openssl.org/index.php/Library_Initialization#Cleanup are not called.

>> CRYPTO_THREAD_set_local the call to pthread_setspecific returns a value
>> != 0 (in my case: 22). The error queue of openSSL stays empty. The same
>> code works with openSSL 1.1.0 in all versions.
>> Some posts googled state that before usage, be sure to run OPENSSL_init_ssl
>> (which I do, even if not required to my analysis since it’s already called
>> in one of the called functions deeper in the library).
>> Am I missing something in a multithreaded environment?