Hi,
On 2025-06-06 08:41:20 -0700, Jacob Champion wrote:
> On Fri, Jun 6, 2025 at 4:56 AM Peter Eisentraut <peter@eisentraut.org> wrote:
> > It seems weird to me that openssl spends so much effort tidying up its
> > memory allocations just before exiting. We could just skip that.
> > Looking through the code of OPENSSL_cleanup(), there might be one or two
> > cases of log or trace files that get flushed during cleanup, so it's not
> > an absolute no-brainer to skip all the cleanup.
>
> I guess I'd be concerned that a hardware crypto provider might need
> good-faith cleanup to work well. I understand they can't rely on
> atexit in general, but there would be a big difference between "you
> might have to clean up after a crash" and "every single connection
> litters the hardware with unused stuff".
It's not just crashes, e.g. the startup packet timeout is also handled by
_exit() - and it can be triggered remotely. ISTM that if crypto providers
can't handle _exit(), we have a bigger problem.
Alternatively we could try deferring more of openssl's initialization to
outside of postmaster - but that doesn't seem particularly realistic.
Greetings,
Andres Freund
