openssl: Properly cleanup OpenSSL library
authorTobias Brunner <tobias@strongswan.org>
Wed, 17 Apr 2013 09:35:18 +0000 (11:35 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 8 May 2013 13:02:40 +0000 (15:02 +0200)
src/libstrongswan/plugins/openssl/openssl_plugin.c
src/libstrongswan/utils/leak_detective.c

index 97d5747..2371008 100644 (file)
@@ -14,6 +14,7 @@
  * for more details.
  */
 
+#include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/conf.h>
 #include <openssl/rand.h>
@@ -445,11 +446,15 @@ METHOD(plugin_t, get_features, int,
 METHOD(plugin_t, destroy, void,
        private_openssl_plugin_t *this)
 {
+       CONF_modules_free();
+       OBJ_cleanup();
+       EVP_cleanup();
 #ifndef OPENSSL_NO_ENGINE
        ENGINE_cleanup();
 #endif /* OPENSSL_NO_ENGINE */
-       EVP_cleanup();
-       CONF_modules_free();
+       CRYPTO_cleanup_all_ex_data();
+       ERR_remove_thread_state(NULL);
+       ERR_free_strings();
 
        threading_cleanup();
 
index 26e3e43..4f3c9f7 100644 (file)
@@ -475,13 +475,6 @@ char *whitelist[] = {
        "Curl_client_write",
        /* ClearSilver */
        "nerr_init",
-       /* OpenSSL */
-       "RSA_new_method",
-       "DH_new_method",
-       "ENGINE_load_builtin_engines",
-       "OPENSSL_config",
-       "ecdsa_check",
-       "ERR_put_error",
        /* libgcrypt */
        "gcry_control",
        "gcry_check_version",