On 04/25/2014 01:46 AM, Amos Jeffries wrote: > On 25/04/2014 12:56 p.m., Alex Rousskov wrote: >> Do not leak fake SSL certificate context cache when reconfigure >> changes port addresses.
> This requires the guarantee that all connections using the storage are > closed right? Hi Christos, My understanding is that deleting a cached LocalContextStorage object does not actually affect connections that use the corresponding SSL_CTX and certificate because any SSL object using those things increments their sharing counter and deleting LocalContextStorage only decrements that counter. The [cached] SSL_CTX object is not destroyed by SSL_CTX_free until that sharing counter reaches zero. Is my understanding flawed? Do we have any code that stores SSL_CTX pointers for asyncrhonous use (i.e., across many main loop iterations) but does not increment the sharing counter? Thank you, Alex.