THRIFT-4164: update openssl cleanup to match current requirements and document TSSLSocketFactory lifetime requirements
Client: cpp
This closes #1235
diff --git a/lib/cpp/README.md b/lib/cpp/README.md
index 05aef95..a7f7e79 100755
--- a/lib/cpp/README.md
+++ b/lib/cpp/README.md
@@ -279,3 +279,13 @@
In the pthread mutex implementation, the contention profiling code was enabled
by default in all builds. This changed to be disabled by default. (THRIFT-4151)
+
+In older releases, if a TSSLSocketFactory's lifetime was not at least as long
+as the TSSLSockets it created, we silently reverted openssl to unsafe multithread behavior
+and so the results were undefined. Changes were made in 0.11.0 that cause either an
+assertion or a core instead of undefined behavior. The lifetime of a TSSLSocketFactory
+*must* be longer than any TSSLSocket that it creates, otherwise openssl will be cleaned
+up too early. If the static boolean is set to disable openssl initialization and
+cleanup and leave it up to the consuming application, this requirement is not needed.
+(THRIFT-4164)
+