https://issues.apache.org/bugzilla/show_bug.cgi?id=54357
--- Comment #8 from Alex Bligh <[email protected]> --- In https://issues.apache.org/bugzilla/show_bug.cgi?id=56919 (now marked as a dupe of this bug), Kaspar Brand said: > Getting rid of ex_data might be cleaner in the end, and was actually one > of Joe's questions on the dev list in October 2009: > >https://mail-archives.apache.org/mod_mbox/httpd-dev/200910.mbox/%[email protected]%3E Joe Orton appears to have predicted this with remarkable prescience: > 1) the use of an ex_data structure attached to the X509 * to store the > stapling-specific state seems unnecessary. Was there a reason why you > did this rather than simply extending the modssl_pk_server_t structure? > (The ex_data indices have historically been a nightmare with mod_ssl due > to the fact that OpenSSL might get unloaded from memory during startup, > and any cached copies of the index values outside of OpenSSL may or may > not be reliable. Global state == bad!) I am certainly not an expert either in apache or OCSP but I agree this looks like the way to go. I found the code a little incomprehensible as the ex_data stuff is pretty opaque as far as I'm concerned, but if this is the way people think it should be fixed I could take a look. Any hints about how this bit works would be appreciated. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
