On Mon, 15 Nov 2010 17:48:42 +0200, Tsantilas Christos <[email protected]> wrote:
> On 11/11/2010 04:24 PM, Amos Jeffries wrote:
>>>>
>>>> Over in the dynamic generation code this nasty usage case is implemented
>>>> by the http_port contexts and again in the context "storage".
>>>>
>>>> Specifically on the http_port... if you recall the history of bug
>>>> http://bugs.squid-cache.org/show_bug.cgi?id=2586 the destructor of
>>>> http_port globals are perfectly capable of cleanly erasing the member
>>>> contexts. We had to leave the SSL context leaking until they could be
>>>> *RefCounted* (with a full 1->N count) because active connections held
>>>> raw-pointers to it long after the "owner" port was closed.
>
> I am reading the SSL_CTX_free man page:
>
> "SSL_CTX_free() decrements the reference count of ctx, and removes the
> SSL_CTX object pointed to by ctx and frees up the allocated memory if
> the reference count has reached 0."
>
> It looks like the OpenSSL library already uses RefCounts internally.
> We should not have any problem releasing SSL contexts even if still used
> by active connections.
> Why are we considering it a problem?
> I am trying to find related discussions in squid-dev but I cannot find
> any.

Due to Alex's comment #4 in the bug and a common de facto standard for free functions to actually free things.

I guess if that documentation is correct I have no objection to it going into trunk for more testing. I'd stick a note about the ref-counted nature of these CTX where the typedefs are. And add this new info to the bug report too please.

+1.

Amos
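
The man page behaviour quoted above can be checked against an installed libssl. This is an added example, not part of the original thread or of Squid's code: it drives OpenSSL through Python ctypes, assumes OpenSSL 1.1.0 or later as a shared library, and the name `port_closes_before_connection` is hypothetical.

```python
import ctypes
import ctypes.util

# Assumption: OpenSSL >= 1.1.0 is available as a shared library on this host.
lib = ctypes.CDLL(ctypes.util.find_library("ssl") or "libssl.so.3")

P = ctypes.c_void_p
# void CRYPTO_EX_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
#                     int idx, long argl, void *argp)
FREE_CB = ctypes.CFUNCTYPE(None, P, P, P, ctypes.c_int, ctypes.c_long, P)

def _sig(name, restype, *argtypes):
    """Bind a libssl/libcrypto function with explicit pointer-safe types."""
    fn = getattr(lib, name)
    fn.restype, fn.argtypes = restype, list(argtypes)
    return fn

TLS_method = _sig("TLS_method", P)
SSL_CTX_new = _sig("SSL_CTX_new", P, P)
SSL_CTX_free = _sig("SSL_CTX_free", None, P)
SSL_new = _sig("SSL_new", P, P)
SSL_free = _sig("SSL_free", None, P)
SSL_get_SSL_CTX = _sig("SSL_get_SSL_CTX", P, P)
get_ex_new_index = _sig("CRYPTO_get_ex_new_index", ctypes.c_int,
                        ctypes.c_int, ctypes.c_long, P, P, P, FREE_CB)

CRYPTO_EX_INDEX_SSL_CTX = 1  # constant from <openssl/crypto.h>
destroyed = []               # addresses of SSL_CTX objects really destroyed

@FREE_CB
def _on_ctx_destroy(parent, ptr, ad, idx, argl, argp):
    # OpenSSL calls this only when an SSL_CTX is actually torn down.
    destroyed.append(parent)

# Registered once per process; the callback object must stay referenced.
get_ex_new_index(CRYPTO_EX_INDEX_SSL_CTX, 0, None, None, None, _on_ctx_destroy)

def port_closes_before_connection():
    """Return (destroyed at port close, ctx still attached, destroyed at end)."""
    destroyed.clear()
    ctx = SSL_CTX_new(TLS_method())   # the "port" holds the first reference
    conn = SSL_new(ctx)               # the connection takes its own reference
    SSL_CTX_free(ctx)                 # port closes: count drops, no teardown
    at_port_close = ctx in destroyed
    still_attached = SSL_get_SSL_CTX(conn) == ctx
    SSL_free(conn)                    # last holder released: teardown happens
    return at_port_close, still_attached, ctx in destroyed
```

The guarantee covers only references OpenSSL counts itself, such as the one taken by `SSL_new()`; a raw `SSL_CTX *` copied elsewhere without `SSL_CTX_up_ref()` is not protected.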
