Discussion:
What's the best practice for libcurl + openssl?
ccwwl Wu
2018-11-05 10:56:03 UTC
Permalink
In my application, I use libcurl for https, and directly using openssl for
md5. So when I call curl_global_cleanup, this function will call
EVP_cleanup which will clean all ssl environment, then md5 algorithm will
be disabled. So what's the best practice for libcurl + openssl? The version
of my libcurl is 7.60.
Ray Satiro
2018-11-06 06:12:39 UTC
Permalink
Post by ccwwl Wu
In my application, I use libcurl for https, and directly using openssl
for md5. So when I call curl_global_cleanup, this function will call
EVP_cleanup which will clean all ssl environment, then md5 algorithm
will be disabled. So what's the best practice for libcurl + openssl?
The version of my libcurl is 7.60.
If libcurl is using OpenSSL as its SSL backend and you call
curl_global_cleanup then it will call OpenSSL cleanup functions. There
is no longer a way to opt-out of that, however you can either not call
curl_global_cleanup or possibly? you can re-initialize OpenSSL after
curl_global_cleanup or you can upgrade to OpenSSL 1.1.x. libcurl does
not call OpenSSL cleanup functions in OpenSSL 1.1+, and even if it did
those cleanup functions are now no-ops that exist just for compatibility
with previous versions.

In the future for libcurl questions please use the curl-library mailing
list instead of curl-users. [1]

[1]: https://curl.haxx.se/mail/



-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette

Loading...