tc wrote:Hello,
In the middle of 2006, I did some work for a customer who wanted the latest SSL for windows. I downloaded it and installed it.
It worked with no issues except that the initialization was different.
--tc
Yes, it will work - BUT If you call a c method (defined in cdecl) via stdcall (as VA does), you will loose with each API call a small amount of memory (the total size of parameters you gave to the function). Because VA expects, that the called c function will clean up the stack (stdcall) and the called c function thinks, that the caller will clean up the stack (cdecl). Therefore nobody cleans up the stack. THIS is your memory leak. Therefore my question to you about the calling convention of the OpenSSL libraries under Windows (and I know, that VA can only use the "c" calling convention, which means cdecl under Unix - but stdcall under Windows).
Therefore you have delivered an application to your customer with a potential memory leak - which may be a problem in a long term server task (this will for certain not a real problem in a desktop system, running for one hour or so - memory is there).
Therefore you may notice the disaster if a cdecl call hits a stdcall-function. The function itselfs will clean up the stack and the caller will again clean up the stack - and your stack results in a mess and exceptions will follow.
This problem is also to be considered, if you do a call-in into Smalltalk ...
Even inspecting the dll's will not help, because mostly the programmers are throwing away the parameter decorations of stdcall functions (because then he has not to change the c code of your application program, but only some #defines - if the creator of a used dll decides to swap calling convention).
If the creator of a dll does not mention this in the documentation you might have to disassemble the library to get this information or to do some tests and look at the stack pointer before and after the call.
The default behaviour (even of MS2008) is - as I hope to be right - cdecl. Therefore lots of libraries out there are expecting cdecl calls.
As an example: SQLite library is cdecl, PostgreSQL library is cdecl, freeImage library is stdcall, OORexx library is stdcall. lua interpreter is cdecl, OpenSSL seems to be cdecl.
I know, that all this may perhaps change with V80 - but actually one has to be very precise under Windows how to call external libraries and the newest OpenSSL libraries are needing additional VS2008 Runtime modules to work - or you recompile is without that need.