> On Jul 30, 2018, at 8:26 AM, Graham Leggett <minfrin@xxxxxxxx> wrote: > > Should they suppress attempts to unload mod_ssl, apr_crypto_openssl, libpq, libldap, etc if we know for sure that openssl < 1.1.0 is linked to them? My recommendation is never unload a library once loaded. I don't see the point, unloading and reloading on demand risks crashes and memory leaks. Others may disagree, but I prefer to not assume that unloading is safe. In OpenSSL 1.1.0, we try to do our best to make it safe, but some one-time static allocations will still leak and crash safety is likely platform-specific. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
