On 04/03/2019 23:37, Yann Ylavic wrote: > So my question is, why isn't no-pinshared the default? > ISTM that pinshared is enabled on linux only, That isn't correct. pinshared is the default everywhere. The way it is achieved is different for different platforms (so on Linux we use -znodelete). > and linux has > __cxa_atexit semantics for atexit() already, so dlclose() should > already call OPENSSL_cleanup() when needed. > Thus with OPENSSL_INIT_NO_ATEXIT now available the user could choose > at runtime whether (s)he wants to call OPENSSL_cleanup() explicitely > or let openssl clean up by itself. Actually if all platforms behaved like Linux then there would be no need for pinshared at all. Unfortunately they don't and on some platforms atexit handlers can get called even after they have been unloaded - which obviously leads to crashes. Feasibly we could make no-pinshared the default on platforms where it isn't really needed (such as Linux). However: 1) This introduces a change of OpenSSL behaviour based on platform - which isn't ideal for application developers targeting multiple platforms. Not sure how big a deal this is. 2) The no-pinshared option does not appear in 1.1.1 or 1.1.1a. It first appears in 1.1.1b. Backporting the option was considered ok. But changing the default mid-series is probably not a good idea. Changing the default could be considered for 3.0. Matt
