On 21/01/16 17:57, Viktor Dukhovni wrote: > On Thu, Jan 21, 2016 at 05:33:51PM +0000, Howard Chu wrote: > >> In OpenLDAP we've been using >> CRYPTO_add(&ctx->references, 1, CRYPTO_LOCK_SSL_CTX) >> to manage our own SSL_CTXs but this is not possible with current 1.1. Making >> the structures opaque is a good move, but please provide methods to >> manipulate refcounts. >> >> Currently ssl_lib.c appears to bump the ctx refcount twice, in SSL_new. Why >> is that? > > Because the SSL handle has two references to the SSL_CTX. > > ssl->ctx > ssl->initial_ctx > > they are initially the same, but may diverge. These are freed > independently. > > Indeed there are at present no SSL_up_ref() or SSL_CTX_up_ref() > functions. The up_ref functions are at present:
This has now been fixed. I have added SSL_up_ref() and SSL_CTX_up_ref(). Matt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev