Hi,
I am new to this list and to nginx, so here is a short intro:
I am Jan A., primarily a complete REST/HTTP-head and recently
focussing on REST API security. About to write an nginx module as an
authenticating HTTP gateway.
I have a question regarding memory management and the use of OpenSSL
(libcrypto) in nginx:
AFAIK, libcrypto is doing quite a lot of memory
allocations/deallocations
internally, unsing standard malloc etc.
When a piece software that builds upon libcrypto provides its own
memory management (for example nginx) it can explicitly set the
memory management functions used by libcrypto. This can be done
by using CRYPTO_set_mem_functions (#include <crypto.h>).
Looking at the nginx sources, I did not find any use of this feature. Am
I missing something, or does the SSL module of nginx simply ignore
the memory management issue, defering to the use of malloc inside
libcrypto?
If so, can anyone explain the rationale for doiing so?
Jan