Hello Frank
I just had a look on the changes between snmp++ 3.6.3 and snmp++ 3.6.4 and I’m not sure, whether this is the best solution for the issue of the “memory leak in the AuthPriv destructor” since the “legacy provider” must only be loaded once to use “DES” multiple times if I understand the documentation correctly.
Consequently, an easy and lazy solution in the constructor of AuthPriv could be to make “OSSL_PROVIDER *legacy_provider” static:
static OSSL_PROVIDER *legacy_provider = nullptr;
if (!legacy_provider)
{
legacy_provider = OSSL_PROVIDER_load(NULL, “legacy”);
if( !legacy_provider )
{
LOG_BEGIN(loggerModuleName, ERROR_LOG | 1);
LOG(“AuthPriv: Error loading ‘legacy’ provider for OpenSSL. No DES encryption available”);
LOG_END;
}
}
This avoids possibly unnecessary calls to “OSSL_PROVIDER_load” and “OSSL_PROVIDER_unload” during runtime.
This “only” does not release the memory allocated with the one and only successful call to “OSSL_PROVIDER_load” on termination of the hosting application.
If this is not acceptable, I personally would prefer a documentary solution that states that the hosting process has to assure that the “legacy provider” of OpenSSL is loaded before “DES” is needed.
This includes the requirement that the hosting process must assure that the loaded provider is unloaded accordingly on termination of the hosting process if this of importance. Ths includes allocated memory by “OSSL_PROVIDER_load”
regards, Thorsten