Is there memory leak or other bad impact if initialize SSL_CTX* object many times? #24203
-
Hi SSL experts,
could you help analyze if there are some issues for our openssl usage? for example, if there is memory leak or other bad impacts? thanks very much. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
The problem is what happens with pre-existing SSL * connections after you change the underlying SSL_CTX. For some of the settings in SSL_CTX that are copied into the SSL object on creation it is not a problem but for some others you're changing them under for the pre-existing SSL connections. |
Beta Was this translation helpful? Give feedback.
Almost all of these calls have an
SSL_*
equivalent. SoSSL_CTX_set_options
hasSSL_set_options
. So if you really need to customise these things on a per connection basis then you should use theSSL_*
forms instead. Don't change the underlyingSSL_CTX
once it has been used to create a connection.