On 06/13/2014 10:46 PM, Alex Rousskov wrote:
On 04/25/2014 01:46 AM, Amos Jeffries wrote:

On 25/04/2014 12:56 p.m., Alex Rousskov wrote:
Do not leak fake SSL certificate context cache when reconfigure
changes port addresses.

This requires the guarantee that all connections using the storage are
closed right?


Hi Christos,

   My understanding is that deleting a cached LocalContextStorage object
does not actually affect connections that use the corresponding SSL_CTX
and certificate because any SSL object using those things increments
their sharing counter and deleting LocalContextStorage only decrements
that counter. The [cached] SSL_CTX object is not destroyed by
SSL_CTX_free until that sharing counter reaches zero. Is my
understanding flawed?

This is true. The SSL_CTX objects are not destroyed.



Do we have any code that stores SSL_CTX pointers for asynchronous use
(i.e., across many main loop iterations) but does not increment the
sharing counter?

Nope.
I hope I am not losing anything. In any case, if such a case is found it should be considered a bug, and must be fixed...





Thank you,

Alex.


