On Tue, Mar 5, 2019 at 6:05 PM Tomas Mraz <tmraz@xxxxxxxxxx> wrote:
>
> On Tue, 2019-03-05 at 16:00 +0100, Yann Ylavic wrote:
> > On Tue, Mar 5, 2019 at 2:47 PM Tomas Mraz <tmraz@xxxxxxxxxx> wrote:
> > >
> > Why? Distros know better than the applications they run?
>
> They actually do, because applications cannot really know what's deep in
> the chain of loaded shared libraries - for example getpwnam() can load
> libnss_ldap which can load libldap which can load libssl. And the
> application has no idea about what is your nsswitch.conf config.

Who would do that seriously, configure a non-local User for httpd, and
read it (as root) preferably from a remote LDAP??
No, httpd shouldn't be run like this, and httpd developers know it
because they designed the root/main process with no other dependency
than the APR lib (both for portability and security reasons), and I'm
sure distros know it too.

Furthermore, if that scenario were a real use case, it'd mean that
libldap could initialize openssl with no regard to httpd needs,
possibly no-op'ing further OPENSSL_init_*() calls with its own
arbitrary init option (e.g. OPENSSL_INIT_[NO_]LOAD_CONFIG), while the
application really is httpd here (I'm sure openldap uses minimal init,
but since we are talking hypothetically..).

So really, please let standalone applications precisely alone and
choose what's best for them for their lifetime.

>
> > Since we are here, why OPENSSL_cleanup() exists and is public in the
> > first place, and why no-pinshared or OPENSSL_INIT_NO_ATEXIT?
>
> Yes, having the public OPENSSL_cleanup() to be anything else than no-op
> is probably a mistake.

We'll probably agree to disagree here..

Regards,
Yann.