Hi all, I am currently reviewing the shutdown behaviour in both httpd’s mod_ssl and apr’s apr-crypto-openssl modules.
Am I right in understanding that from openssl v1.1.0 and upwards, all the following calls are no longer necessary, will be called automatically atexit by the openssl library, and these can be removed from the code? https://svn.apache.org/viewvc/httpd/httpd/tags/2.4.39/modules/ssl/mod_ssl.c?view=markup#l329 FIPS_mode_set(0); OBJ_cleanup(); CONF_modules_free(); EVP_cleanup(); ENGINE_cleanup(); SSL_COMP_free_compression_methods(); ERR_remove_thread_state(NULL); ERR_remove_state(0); ERR_free_strings(); CRYPTO_cleanup_all_ex_data(); https://svn.apache.org/viewvc/apr/apr-util/tags/1.6.1/crypto/apr_crypto_openssl.c?view=markup#l114 ERR_free_strings(); EVP_cleanup(); ENGINE_cleanup(); Regards, Graham —
smime.p7s
Description: S/MIME cryptographic signature
