Per comments at the bottom of openssl/FAQ, call even more functions to

clean up OpenSSL's toys when it's done playing.  (Why isn't there an
OpenSSL_free_everything() function?)


svn:r5321

2 files changed, 12 insertions, 0 deletions

diff --git a/src/common/crypto.c b/src/common/crypto.c
index 4857175e74..249be113ce 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -32,6 +32,7 @@ const char crypto_c_id[] = "$Id$";
 #include <openssl/dh.h>
 #include <openssl/rsa.h>
 #include <openssl/dh.h>
+#include <openssl/conf.h>
 
 #include <stdlib.h>
 #include <assert.h>
@@ -220,16 +221,26 @@ crypto_global_init(int useAccel)
   return 0;
 }
 
+/** Free crypto resources held by this thread. */
+void
+crypto_thread_cleanup(void)
+{
+  ERR_remove_state(0);
+}
+
 /** Uninitialize the crypto library. Return 0 on success, -1 on failure.
  */
 int
 crypto_global_cleanup(void)
 {
   EVP_cleanup();
+  //ERR_remove_state(0);
   ERR_free_strings();
 #ifndef NO_ENGINES
   ENGINE_cleanup();
 #endif
+  CONF_modules_unload(1);
+  CRYPTO_cleanup_all_ex_data();
 #ifdef TOR_IS_MULTITHREADED
   if (_n_openssl_mutexes) {
     int n = _n_openssl_mutexes;
diff --git a/src/common/crypto.h b/src/common/crypto.h
index 4eb57e88e4..6b128fda63 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -53,6 +53,7 @@ typedef struct crypto_dh_env_t crypto_dh_env_t;
 
 /* global state */
 int crypto_global_init(int hardwareAccel);
+void crypto_thread_cleanup(void);
 int crypto_global_cleanup(void);
 
 /* environment setup */