I could not find this information on https://www.openssl.org/docs/man1.1.1/man3/SSL_free.html.
In case openssl does not close the file descriptor: Should you close the file descriptor(s) like in example 1 or 2? Or even example 3 (unlikely)?
SSL* ssl = ...;
int fd = SSL_get_fd(ssl);
SSL_free(ssl);
close(fd);
SSL* ssl = ...;
int rfd = SSL_get_rfd(ssl);
int wfd = SSL_get_wfd(ssl);
SSL_free(ssl);
close(rfd);
close(wfd);
SSL* ssl = ...;
int fd = SSL_get_fd(ssl);
int rfd = SSL_get_rfd(ssl);
int wfd = SSL_get_wfd(ssl);
SSL_free(ssl);
close(fd);
close(rfd);
close(wfd);
You should not close the file descriptors you get from SSL_get_fd() (or SSL_get_rfd()/SSL_get_wfd():
SSL_free()also calls the free()ing procedures for indirectly affected items, if applicable: the buffering BIO, the read and write BIOs, cipher lists specially created for this ssl, the SSL_SESSION. Do not explicitly free these indirectly freed up items before or after calling SSL_free(), as trying to free things twice may lead to program failure.
As for the third example: In case SSL_get_rfd() and SSL_get_wfd() returns different file descriptors, SSL_get_fd() returns the same descriptor as SSL_get_rfd().