OpenSSL memory management

Maxim Dounin mdounin at
Thu Jun 13 11:41:31 UTC 2013


On Wed, Jun 12, 2013 at 08:31:47AM +0200, Jan Algermissen wrote:

> Hi,
> I am new to this list and to nginx, so here is a short intro:
> I am Jan Algermissen, primarily a complete REST/HTTP-head and recently
> focussing on REST API security. About to write an nginx module as an
> authenticating HTTP gateway.
> I have a question regarding memory management and the use of OpenSSL
> (libcrypto) in nginx:
> AFAIK, libcrypto is doing quite a lot of memory allocations/deallocations
> internally, unsing standard malloc etc.
> When a piece software that builds upon libcrypto provides its own
> memory management (for example nginx) it can explicitly set the
> memory management functions used by libcrypto. This can be done
> by using CRYPTO_set_mem_functions (#include <crypto.h>).
> Looking at the nginx sources, I did not find any use of this feature. Am
> I missing something, or does the SSL module of nginx simply ignore
> the memory management issue, defering to the use of malloc inside
> libcrypto?
> If so, can anyone explain the rationale for doiing so?

OpenSSL allocations life time often more than a request life time, 
and sometimes more than a connection life time.  This makes use of 
nginx memory management functions mostly pointless.

Maxim Dounin

More information about the nginx mailing list