> On Jul 19, 2016, at 5:26 PM, Matt Caswell via RT <r...@openssl.org> wrote: > >> Most of all, we use CRYPTO_THREAD_run_once() internally to initiate the first >> locks, so pretty much in an initial state of the library (not entirely true, >> since we do these inits opportunistically, but it's probable that they happen >> very early on). If they are having memory allocation, the running app is >> probably in deep shit anyway, so a hard assert in our diverse inits would >> probably be appropriate either way. > > You are assuming that the application loads and inits OpenSSL early and > that it is critical to its function. It may not be.
Postfix expects to be able to continue "degraded" operation without TLS,
when TLS initialization fails. Asserts are not acceptable. They would
cause Postfix to look for a different SSL library.
When initialization fails, all subsequent calls can return errors, but
assert is not an option.
--
Viktor.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4614
Please log in as guest with password guest if prompted
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
