minfrin commented on code in PR #8:
URL: https://github.com/apache/serf/pull/8#discussion_r2160234074
##########
buckets/ssl_buckets.c:
##########
@@ -1567,14 +1626,214 @@ static int ssl_need_client_cert(SSL *ssl, X509 **cert,
EVP_PKEY **pkey)
return 1;
}
+#if defined(SERF_HAVE_OSSL_STORE_OPEN_EX)
+
+ if (ssl_x509_ex_data_idx < 0) {
+ ssl_x509_ex_data_idx = X509_get_ex_new_index(0, NULL, NULL, NULL,
NULL);
Review Comment:
The variable is a process wide singleton.
X509_get_ex_new_index is a macro that calls this:
From https://docs.openssl.org/3.1/man3/CRYPTO_get_ex_new_index/
"Exdata types are identified by an index, an integer guaranteed to be unique
within structures for the lifetime of the program. Applications using exdata
typically call CRYPTO_get_ex_new_index at startup, and store the result in a
global variable, or write a wrapper function to provide lazy evaluation."
Is there a once-off-init location in serf that this can be moved to?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@serf.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
