On 04/25/2014 01:46 AM, Amos Jeffries wrote:

> On 25/04/2014 12:56 p.m., Alex Rousskov wrote:
>> Do not leak fake SSL certificate context cache when reconfigure
>> changes port addresses.

> This requires the guarantee that all connections using the storage are
> closed right?


Hi Christos,

  My understanding is that deleting a cached LocalContextStorage object
does not actually affect connections that use the corresponding SSL_CTX
and certificate because any SSL object using those things increments
their sharing counter and deleting LocalContextStorage only decrements
that counter. The [cached] SSL_CTX object is not destroyed by
SSL_CTX_free until that sharing counter reaches zero. Is my
understanding flawed?

Do we have any code that stores SSL_CTX pointers for asynchronous use
(i.e., across many main loop iterations) but does not increment the
sharing counter?


Thank you,

Alex.
